How severe is CVE-2025-10622?

CVE-2025-10622 has a CVSS v3 score of 8 (HIGH).

CVE-2025-10622

8.0HIGH

A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying opera

发布于: 11/5/2025更新于: 12/23/2025

描述

A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.

AI分析AI驱动

参考资料

https://access.redhat.com/errata/RHSA-2025:19721
https://access.redhat.com/errata/RHSA-2025:19832
https://access.redhat.com/errata/RHSA-2025:19855
https://access.redhat.com/errata/RHSA-2025:19856
https://access.redhat.com/security/cve/CVE-2025-10622
https://bugzilla.redhat.com/show_bug.cgi?id=2396020
https://theforeman.org/security.html#2025-10622