CVE-2026-53470: Authorization Bypass Through User-Controlled Key
CVE-2026-53470 is a critical authorization bypass vulnerability in migration-planner affecting versions prior to 0. 13. 5. An authenticated attacker can exploit improper access control in the /api/v1/sources/{id}/image-url endpoint to bypass ownership checks and obtain presigned S3 URLs for OVA images belonging to other users. These images may contain sensitive data such as long-lived agent JWTs and source configurations, risking unauthorized access and modification of victim sources.
AI Analysis
Technical Summary
This vulnerability in migration-planner allows an authenticated user to bypass ownership verification at the /api/v1/sources/{id}/image-url endpoint. By exploiting this improper access control, the attacker can retrieve presigned S3 URLs for Open Virtual Appliance images of other users. These images contain sensitive information including long-lived JSON Web Tokens and source configuration data, which could lead to unauthorized access and modification of the victim's source environment. The vulnerability affects all versions prior to 0.13.5. The product is a cloud service, and the vendor (Red Hat) manages remediation for this cloud-hosted service. The CVSS v3.1 base score is 9.6, indicating critical severity.
Potential Impact
Successful exploitation allows an authenticated attacker to access sensitive OVA images of other users, exposing long-lived JWTs and source configurations. This exposure can lead to unauthorized access and modification of victim sources, compromising confidentiality and integrity. The vulnerability does not impact availability. The high CVSS score reflects the critical impact on confidentiality and integrity with low attack complexity and no user interaction required.
Mitigation Recommendations
A patch is available for this vulnerability in migration-planner version 0.13.5 and later. Since this is a cloud-hosted service, Red Hat manages remediation server-side. Users should verify with the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-53470 for the latest remediation status and ensure their service is updated to a fixed version. No additional mitigation steps are indicated by the vendor advisory.
CVE-2026-53470: Authorization Bypass Through User-Controlled Key
Description
CVE-2026-53470 is a critical authorization bypass vulnerability in migration-planner affecting versions prior to 0. 13. 5. An authenticated attacker can exploit improper access control in the /api/v1/sources/{id}/image-url endpoint to bypass ownership checks and obtain presigned S3 URLs for OVA images belonging to other users. These images may contain sensitive data such as long-lived agent JWTs and source configurations, risking unauthorized access and modification of victim sources.
CVSS v3.1
Score 9.6critical
Affected software
pkg:github/migration-plannerAI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in migration-planner allows an authenticated user to bypass ownership verification at the /api/v1/sources/{id}/image-url endpoint. By exploiting this improper access control, the attacker can retrieve presigned S3 URLs for Open Virtual Appliance images of other users. These images contain sensitive information including long-lived JSON Web Tokens and source configuration data, which could lead to unauthorized access and modification of the victim's source environment. The vulnerability affects all versions prior to 0.13.5. The product is a cloud service, and the vendor (Red Hat) manages remediation for this cloud-hosted service. The CVSS v3.1 base score is 9.6, indicating critical severity.
Potential Impact
Successful exploitation allows an authenticated attacker to access sensitive OVA images of other users, exposing long-lived JWTs and source configurations. This exposure can lead to unauthorized access and modification of victim sources, compromising confidentiality and integrity. The vulnerability does not impact availability. The high CVSS score reflects the critical impact on confidentiality and integrity with low attack complexity and no user interaction required.
Mitigation Recommendations
A patch is available for this vulnerability in migration-planner version 0.13.5 and later. Since this is a cloud-hosted service, Red Hat manages remediation server-side. Users should verify with the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-53470 for the latest remediation status and ensure their service is updated to a fixed version. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-09T17:03:29.627Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-53470","vendor":"Red Hat"}]
Threat ID: 6a29799fc9170919df2daed3
Added to database: 6/10/2026, 2:50:07 PM
Last enriched: 6/10/2026, 3:04:21 PM
Last updated: 6/10/2026, 4:02:13 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.