CVE-2026-9073: Insertion of Sensitive Information into Log File in Red Hat Red Hat Satellite 6
CVE-2026-9073 is a vulnerability in Red Hat Satellite 6's foreman-mcp-server component where sensitive session identifiers and authentication data can be logged in plaintext. This occurs because one logging mechanism records session identifiers at an informational level, and another debug logging mechanism incompletely sanitizes HTTP headers, exposing authorization tokens and API keys in container logs. This can lead to confidentiality breaches if logs are accessed or forwarded improperly.
AI Analysis
Technical Summary
The vulnerability in Red Hat Satellite 6's foreman-mcp-server involves two logging mechanisms that expose sensitive authentication data. Session identifiers, which serve as authentication credentials, are logged at an informational level. Additionally, when debug logging is enabled, HTTP request headers are not fully sanitized, causing sensitive information such as authorization tokens and API keys to be logged in cleartext. These logs are persisted within container logs, increasing the risk of unauthorized access to sensitive credentials, especially if logs are forwarded to centralized logging platforms.
Potential Impact
The vulnerability results in a confidentiality breach by exposing sensitive authentication data in plaintext logs. This increases the risk of credential compromise if an attacker gains access to these logs. There is no indication of impact on integrity or availability. The CVSS score of 6.2 (medium severity) reflects the local attack vector and the confidentiality impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9073 for current remediation guidance. Until a fix is available, avoid enabling debug logging in production environments to prevent sensitive data from being logged. Review and restrict access to container logs and any centralized logging platforms to minimize exposure of sensitive information.
CVE-2026-9073: Insertion of Sensitive Information into Log File in Red Hat Red Hat Satellite 6
Description
CVE-2026-9073 is a vulnerability in Red Hat Satellite 6's foreman-mcp-server component where sensitive session identifiers and authentication data can be logged in plaintext. This occurs because one logging mechanism records session identifiers at an informational level, and another debug logging mechanism incompletely sanitizes HTTP headers, exposing authorization tokens and API keys in container logs. This can lead to confidentiality breaches if logs are accessed or forwarded improperly.
CVSS v3.1
Score 6.2medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in Red Hat Satellite 6's foreman-mcp-server involves two logging mechanisms that expose sensitive authentication data. Session identifiers, which serve as authentication credentials, are logged at an informational level. Additionally, when debug logging is enabled, HTTP request headers are not fully sanitized, causing sensitive information such as authorization tokens and API keys to be logged in cleartext. These logs are persisted within container logs, increasing the risk of unauthorized access to sensitive credentials, especially if logs are forwarded to centralized logging platforms.
Potential Impact
The vulnerability results in a confidentiality breach by exposing sensitive authentication data in plaintext logs. This increases the risk of credential compromise if an attacker gains access to these logs. There is no indication of impact on integrity or availability. The CVSS score of 6.2 (medium severity) reflects the local attack vector and the confidentiality impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9073 for current remediation guidance. Until a fix is available, avoid enabling debug logging in production environments to prevent sensitive data from being logged. Review and restrict access to container logs and any centralized logging platforms to minimize exposure of sensitive information.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-05-20T12:18:07.910Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-9073","vendor":"Red Hat"}]
Threat ID: 6a3aeefceed863c81e96a14f
Added to database: 06/23/2026, 20:39:24 UTC
Last enriched: 06/23/2026, 20:54:24 UTC
Last updated: 06/23/2026, 21:15:11 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.