Katello ContentUploadsController Auth Bypass via Edit Products
CVE-2026-12515 Published on June 17, 2026
Katello: missing repository authorization in content_uploads exposes cross-product content existence
A flaw was found in Katello, a component of Red Hat Satellite, in its content upload functionality: insufficient authorization checks in the ContentUploadsController allowed users with the edit_products permission to query content information for repositories outside the products they were authorized to manage. An authenticated attacker could exploit this issue to determine whether specific content exists within repositories that should otherwise be inaccessible. This issue does not allow unauthorized modification, import, or publication of content.
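As an added illustration, not Katello's own code (the structs, repository data and method names below are hypothetical and constructed for the example), the authorization gap described above modelled in Ruby with the vulnerable check beside the hardened one:

```ruby
# Constructed model of the access-control gap: the caller holds
# edit_products on one product, but the content lookup never checks
# that the target repository belongs to one of the caller's products.

Repository = Struct.new(:id, :product_id, :content_ids)
User = Struct.new(:name, :editable_product_ids)

# Hypothetical sample data: two repositories in two different products.
REPOS = [
  Repository.new(1, 100, %w[pkg-a pkg-b]),
  Repository.new(2, 200, %w[pkg-c]),
].freeze

# Vulnerable pattern: verifies that the caller has edit_products on
# *some* product, then answers for any repository id it is given.
def content_exists_vulnerable(user, repo_id, content_id)
  raise "forbidden" if user.editable_product_ids.empty?
  repo = REPOS.find { |r| r.id == repo_id }
  return :not_found if repo.nil?
  repo.content_ids.include?(content_id) # leaks existence across products
end

# Hardened pattern: resolve the repository first and require that the
# caller's edit_products scope covers that repository's own product.
# Out-of-scope and missing repositories get the same answer so the
# response does not reveal which repository ids exist elsewhere.
def content_exists_hardened(user, repo_id, content_id)
  repo = REPOS.find { |r| r.id == repo_id }
  return :not_found if repo.nil?
  return :not_found unless user.editable_product_ids.include?(repo.product_id)
  repo.content_ids.include?(content_id)
end

if __FILE__ == $PROGRAM_NAME
  alice = User.new("alice", [100]) # may edit product 100 only
  puts content_exists_vulnerable(alice, 2, "pkg-c") # true: cross-product leak
  puts content_exists_hardened(alice, 2, "pkg-c")   # not_found
end
```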
Vulnerability Analysis
CVE-2026-12515 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be a small impact on confidentiality, and a small impact on integrity and availability.
Timeline
Reported to Red Hat.
Made public.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-12515 has been classified as an AuthZ vulnerability or weakness.
Products Associated with CVE-2026-12515
Red Hat Hummingbird, Red Hat Satellite.