Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation

8.1 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Description

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.

Basic Information

ID CVE-2026-1530

Source redhat

Published Feb 2, 2026 at 05:47

Affected Product

Vendor Red Hat

Product Red Hat Satellite 6

CWE Classification

CWE-295

References

{
    "lastseen": "",
    "description": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.",
    "published": "2026-02-02T05:47:10.049Z",
    "modified": "2026-02-02T05:47:10.049Z",
    "type": "cve",
    "title": "Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2026-1530\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2433784",
    "id": "CVE-2026-1530",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 8.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Red Hat Satellite 6",
    "version": "",
    "vendor": "Red Hat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation_CVE-2026-1530