CVE-2026-0980 - Vulnerability Details - OpenCVE

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00076.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Red Hat

Red Hat Satellite 6.16 for RHEL 8

affected

Version	Status	Constraints
`0:0.13.0-0.1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.16 for RHEL 8

affected

Version	Status	Constraints
`0:0.13.0-0.1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.16 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-0.1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.16 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-0.1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:3.14.0.14-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.1.23-0.3.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:1.2.0-0.1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:4.2.28-0.1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:2.22.3-1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:3.27.10-2.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:1.5.1-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.4.3-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:4.16.0.14-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:6.17.7-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.0.3-4.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:3.14.0.14-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.1.23-0.3.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:1.2.0-0.1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:4.2.28-0.1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:2.22.3-1.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:3.27.10-2.el9pc`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:1.5.1-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.4.3-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:4.16.0.14-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:6.17.7-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.17 for RHEL 9

affected

Version	Status	Constraints
`0:0.0.3-4.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.18 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-1.el9sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.18 for RHEL 9

affected

Version	Status	Constraints
`0:0.13.0-1.el9sat`	unaffected	< *

Red Hat Red Hat Satellite 6 affected —

Configuration 1 [-]

cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:logicminds:rubyipmi:*:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Red Hat Subscribe	Red Hat Satellite 6 Subscribe

Project Subscriptions

Vendors	Products
Logicminds Subscribe	Rubyipmi Subscribe
Red Hat Subscribe	Red Hat Satellite 6 Subscribe
Redhat Subscribe	Satellite Subscribe Satellite Capsule Subscribe Satellite Maintenance Subscribe Satellite Utils Subscribe

Advisories

Source	ID	Title
Github GHSA	GHSA-hfcp-477w-3wjw	rubyipmi is vulnerable to OS Command Injection through malicious usernames

Fixes

Solution

No solution given by the vendor.

Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2026:5968
https://access.redhat.com/errata/RHSA-2026:5970
https://access.redhat.com/errata/RHSA-2026:5971
https://access.redhat.com/security/cve/CVE-2026-0980
https://bugzilla.redhat.com/show_bug.cgi?id=2429874

History

Fri, 27 Mar 2026 04:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:satellite:6.18::el9 cpe:/a:redhat:satellite_capsule:6.18::el9 cpe:/a:redhat:satellite_utils:6.18::el9
References		https://access.redhat.com/errata/RHSA-2026:5968

Thu, 26 Mar 2026 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat satellite Capsule Redhat satellite Maintenance Redhat satellite Utils
CPEs		cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite:6.17::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.17::el9 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.17::el9 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_utils:6.17::el9
Vendors & Products		Redhat satellite Capsule Redhat satellite Maintenance Redhat satellite Utils
References		https://access.redhat.com/errata/RHSA-2026:5970 https://access.redhat.com/errata/RHSA-2026:5971

Fri, 06 Mar 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 05 Mar 2026 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Logicminds Logicminds rubyipmi
CPEs		cpe:2.3:a:logicminds:rubyipmi:::::::: cpe:2.3:a:redhat:satellite:6.0:::::::*
Vendors & Products		Logicminds Logicminds rubyipmi

Fri, 27 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Red Hat Red Hat red Hat Satellite 6
Vendors & Products		Red Hat Red Hat red Hat Satellite 6

Fri, 27 Feb 2026 08:00:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
Title		Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username
First Time appeared		Redhat Redhat satellite
Weaknesses		CWE-78
CPEs		cpe:/a:redhat:satellite:6
Vendors & Products		Redhat Redhat satellite
References		https://access.redhat.com/security/cve/CVE-2026-0980 https://bugzilla.redhat.com/show_bug.cgi?id=2429874
Metrics		cvssV3_1 `{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-02-27T07:30:42.657Z

Updated: 2026-03-26T23:10:23.847Z

Reserved: 2026-01-15T08:53:56.962Z

Link: CVE-2026-0980

Vulnrichment

Updated: 2026-03-06T18:48:57.445Z

NVD

Status : Modified

Published: 2026-02-27T08:17:09.647

Modified: 2026-03-27T00:16:21.087

Link: CVE-2026-0980

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-02-27T16:06:05Z

Weaknesses

CWE-78

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0980", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-01-15T08:53:56.962Z", "datePublished": "2026-02-27T07:30:42.657Z", "dateUpdated": "2026-03-26T23:10:23.847Z"}, "containers": {"cna": {"title": "Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-0.1.el8sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-0.1.el8sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-0.1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-0.1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "foreman", "defaultStatus": "affected", "versions": [{"version": "0:3.14.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libcomps", "defaultStatus": "affected", "versions": [{"version": "0:0.1.23-0.3.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-brotli", "defaultStatus": "affected", "versions": [{"version": "0:1.2.0-0.1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-django", "defaultStatus": "affected", "versions": [{"version": "0:4.2.28-0.1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-pulp-container", "defaultStatus": "affected", "versions": [{"version": "0:2.22.3-1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-pulp-rpm", "defaultStatus": "affected", "versions": [{"version": "0:3.27.10-2.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-fog-kubevirt", "defaultStatus": "affected", "versions": [{"version": "0:1.5.1-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-foreman_kubevirt", "defaultStatus": "affected", "versions": [{"version": "0:0.4.3-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-katello", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "satellite", "defaultStatus": "affected", "versions": [{"version": "0:6.17.7-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "yggdrasil-worker-forwarder", "defaultStatus": "affected", "versions": [{"version": "0:0.0.3-4.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "foreman", "defaultStatus": "affected", "versions": [{"version": "0:3.14.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libcomps", "defaultStatus": "affected", "versions": [{"version": "0:0.1.23-0.3.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-brotli", "defaultStatus": "affected", "versions": [{"version": "0:1.2.0-0.1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-django", "defaultStatus": "affected", "versions": [{"version": "0:4.2.28-0.1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-pulp-container", "defaultStatus": "affected", "versions": [{"version": "0:2.22.3-1.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-pulp-rpm", "defaultStatus": "affected", "versions": [{"version": "0:3.27.10-2.el9pc", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-fog-kubevirt", "defaultStatus": "affected", "versions": [{"version": "0:1.5.1-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-foreman_kubevirt", "defaultStatus": "affected", "versions": [{"version": "0:0.4.3-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-katello", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "satellite", "defaultStatus": "affected", "versions": [{"version": "0:6.17.7-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "yggdrasil-worker-forwarder", "defaultStatus": "affected", "versions": [{"version": "0:0.0.3-4.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.18 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.18::el9", "cpe:/a:redhat:satellite_utils:6.18::el9", "cpe:/a:redhat:satellite_capsule:6.18::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.18 for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rubygem-rubyipmi", "defaultStatus": "affected", "versions": [{"version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite:6.18::el9", "cpe:/a:redhat:satellite_utils:6.18::el9", "cpe:/a:redhat:satellite_capsule:6.18::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "satellite:el8/rubygem-rubyipmi", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:satellite:6"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:5968", "name": "RHSA-2026:5968", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5970", "name": "RHSA-2026:5970", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5971", "name": "RHSA-2026:5971", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2026-0980", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874", "name": "RHBZ#2429874", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2020-01-15T08:08:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2026-01-15T08:50:01.841Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2020-01-15T08:08:00.000Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-03-26T23:10:23.847Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-27T16:50:09.223915Z", "id": "CVE-2026-0980", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T18:49:02.471Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0980", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-27T16:50:09.223915Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T18:48:57.445Z"}}], "cna": {"title": "Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 8", "versions": [{"status": "unaffected", "version": "0:0.13.0-0.1.el8sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 8", "versions": [{"status": "unaffected", "version": "0:0.13.0-0.1.el8sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-0.1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite:6.16::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.16 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-0.1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:3.14.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "foreman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.1.23-0.3.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "libcomps", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:1.2.0-0.1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-brotli", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:4.2.28-0.1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-django", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:2.22.3-1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-pulp-container", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:3.27.10-2.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-pulp-rpm", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:1.5.1-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-fog-kubevirt", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.4.3-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-foreman_kubevirt", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:4.16.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-katello", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:6.17.7-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "satellite", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.0.3-4.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "yggdrasil-worker-forwarder", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:3.14.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "foreman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.1.23-0.3.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "libcomps", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:1.2.0-0.1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-brotli", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:4.2.28-0.1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-django", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:2.22.3-1.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-pulp-container", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:3.27.10-2.el9pc", "lessThan": "*", "versionType": "rpm"}], "packageName": "python-pulp-rpm", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:1.5.1-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-fog-kubevirt", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.4.3-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-foreman_kubevirt", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:4.16.0.14-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-katello", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:6.17.7-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "satellite", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite_maintenance:6.17::el9", "cpe:/a:redhat:satellite:6.17::el9", "cpe:/a:redhat:satellite_utils:6.17::el9", "cpe:/a:redhat:satellite_capsule:6.17::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.17 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.0.3-4.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "yggdrasil-worker-forwarder", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6.18::el9", "cpe:/a:redhat:satellite_utils:6.18::el9", "cpe:/a:redhat:satellite_capsule:6.18::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.18 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6.18::el9", "cpe:/a:redhat:satellite_utils:6.18::el9", "cpe:/a:redhat:satellite_capsule:6.18::el9"], "vendor": "Red Hat", "product": "Red Hat Satellite 6.18 for RHEL 9", "versions": [{"status": "unaffected", "version": "0:0.13.0-1.el9sat", "lessThan": "*", "versionType": "rpm"}], "packageName": "rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:satellite:6"], "vendor": "Red Hat", "product": "Red Hat Satellite 6", "packageName": "satellite:el8/rubygem-rubyipmi", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2026-01-15T08:50:01.841Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2020-01-15T08:08:00.000Z", "value": "Made public."}], "datePublic": "2020-01-15T08:08:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:5968", "name": "RHSA-2026:5968", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5970", "name": "RHSA-2026:5970", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5971", "name": "RHSA-2026:5971", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2026-0980", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874", "name": "RHBZ#2429874", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-03-26T23:10:23.847Z"}, "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}}, "cveMetadata": {"cveId": "CVE-2026-0980", "state": "PUBLISHED", "dateUpdated": "2026-03-26T23:10:23.847Z", "dateReserved": "2026-01-15T08:53:56.962Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2026-02-27T07:30:42.657Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "848C92A9-0677-442B-8D52-A448F2019903", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:logicminds:rubyipmi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D9CA1CC-62E9-4A85-8A56-C34BD5BDA6E5", "versionEndIncluding": "0.12.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en rubyipmi, una gema utilizada en el componente Baseboard Management Controller (BMC) de Red Hat Satellite. Un atacante autenticado con permisos de creaci\u00f3n o actualizaci\u00f3n de hosts podr\u00eda explotar esta vulnerabilidad al crear un nombre de usuario malicioso para la interfaz BMC. Esto podr\u00eda llevar a ejecuci\u00f3n remota de c\u00f3digo (RCE) en el sistema."}], "id": "CVE-2026-0980", "lastModified": "2026-03-27T00:16:21.087", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.5, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-27T08:17:09.647", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:5968"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:5970"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:5971"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2026-0980"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "secalert@redhat.com", "type": "Secondary"}]}