CVE-2026-4324 is a security vulnerability identified in the Katello plugin of Red Hat Satellite 6, a widely used infrastructure management platform. The flaw stems from improper neutralization of special elements in SQL commands, specifically due to insufficient sanitization of the 'sort_by' parameter in the /api/hosts/bootc_images API endpoint. This allows a remote attacker to inject arbitrary SQL code into backend database queries. The injection can trigger database errors causing Denial of Service (DoS) conditions and facilitate Boolean-based Blind SQL injection attacks, enabling attackers to infer and extract sensitive information from the database without direct error messages. The vulnerability requires network access and low complexity to exploit, with privileges required but no user interaction needed. The CVSS v3.1 base score is 5.4, reflecting a medium severity level primarily due to limited impact on confidentiality and availability and the requirement for some privileges. No patches or known exploits are currently reported, but the vulnerability poses a significant risk to organizations using Red Hat Satellite 6 for managing large-scale infrastructure, as attackers could disrupt operations or compromise sensitive data through this injection vector.

The vulnerability can lead to several adverse impacts for organizations worldwide. Firstly, exploitation can cause Denial of Service by triggering database errors, potentially disrupting critical infrastructure management operations dependent on Red Hat Satellite 6. Secondly, the Boolean-based Blind SQL injection capability allows attackers to extract sensitive information from the backend database, risking confidentiality breaches of potentially critical operational data. This could include configuration details, host inventories, or other sensitive metadata managed by the platform. The requirement for some privileges to exploit limits the attack surface but does not eliminate risk, especially in environments with multiple users or automated systems interacting with the API. Disruption or data leakage could impact operational continuity, compliance posture, and trust in IT management systems. Given Red Hat Satellite's use in enterprise and government environments, the vulnerability could have cascading effects on broader IT infrastructure security and availability.

Organizations should prioritize applying official patches or updates from Red Hat addressing this vulnerability once available. In the interim, restrict access to the /api/hosts/bootc_images endpoint to trusted users and networks only, employing network segmentation and firewall rules to limit exposure. Implement strict input validation and sanitization on all user-supplied parameters, especially 'sort_by', to prevent injection attacks. Employ Web Application Firewalls (WAFs) with rules designed to detect and block SQL injection patterns targeting this API. Monitor logs and database error messages for unusual activity indicative of attempted exploitation. Conduct regular security assessments and code reviews of custom plugins or integrations with Red Hat Satellite to identify and remediate similar injection risks. Additionally, enforce least privilege principles for users interacting with the API to reduce the potential impact of compromised credentials.