Key information
Bug ID: Bug 2396020 (CVE-2025-10622)
Vulnerability type: OS command injection via ct_location and fctxt_location parameters
Reported: 2025-09-17 09:16 UTC
Modified: 2025-11-05 04:27 UTC
Status: NEW
Product: Security Response
Component: vulnerability
OS: Linux
Priority: high
Severity: high
Fixed in: RHSA-2025:19721
Affected product: Red Hat Satellite 6.16.5.2 (Foreman 3.12.0.8-1)

Description
A command injection flaw was found in Red Hat Satellite 6.16.5.2 (Foreman 3.12.0.8-1). Although a whitelist exists for the "CoreOS Transpiler Command" and "Fedora CoreOS Transpiler Command" settings, it is enforced only on the client side and is not validated on the server side. An authenticated user holding the edit_settings permission can therefore submit arbitrary values for these parameters, achieving arbitrary command execution on the underlying operating system and bypassing safe mode rendering. The practical check is that server-side validation, not the UI, must reject any value outside the whitelist, and the stored value should be invoked as an argument vector rather than interpolated into a shell string.

Solution
This issue has been addressed in the following products:
Red Hat Satellite 6.18 for RHEL 9, via RHSA-2025:19721
https://access.redhat.com/errata/RHSA-2025:19721
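The following is an added illustration, written for this page and not code from Foreman or Red Hat, of the flaw class described above: a transpiler-command setting whose whitelist is honoured by the browser form but not by the server, contrasted with server-side enforcement and an argv-style invocation. The setting names are taken from the advisory; the whitelisted paths, the in-memory settings store and the invocation shape are assumptions for the example only.

```ruby
# Added example (not Foreman's own code). Demonstrates why a client-only
# whitelist on a command-location setting is bypassable and what the
# server-side check looks like. Whitelist entries below are assumed paths,
# not values taken from the product.

class SettingValidationError < StandardError; end

# Hypothetical allowlist: the only binaries each transpiler setting may name.
TRANSPILER_ALLOWLIST = {
  'ct_location'    => ['/usr/local/bin/ct'].freeze,
  'fctxt_location' => ['/usr/local/bin/fcct'].freeze,
}.freeze

# Vulnerable pattern: the UI offers a dropdown limited to the allowlist, but
# the server persists whatever string arrives in the request. A user with
# edit_settings can send the request directly and store any value.
def store_setting_client_only(store, name, value)
  store[name] = value
  store
end

# Hardened pattern: validate against the allowlist on the server before the
# value is persisted, independent of what the browser displayed.
def store_setting_server_validated(store, name, value)
  allowed = TRANSPILER_ALLOWLIST.fetch(name) do
    raise SettingValidationError, "unknown setting #{name}"
  end
  unless allowed.include?(value)
    raise SettingValidationError,
          "#{name}: #{value.inspect} is not an allowed transpiler command"
  end
  store[name] = value
  store
end

# Injectable invocation: the stored setting is interpolated into a single
# shell string, so a value such as "/usr/local/bin/ct; id" becomes two
# commands once /bin/sh parses it. Returned (not executed) for inspection.
def transpiler_shell_string(store, name, input_path)
  "#{store.fetch(name)} #{input_path}"
end

# Safer invocation: an argv array is passed to exec-style APIs (for example
# Open3.capture2(*argv) or system(*argv)) without a shell, so the setting
# value is only ever argv[0]. Still pair this with the allowlist check: an
# arbitrary argv[0] is still an arbitrary program. Returned, not executed.
def transpiler_argv(store, name, input_path)
  [store.fetch(name), input_path]
end

# Convenience: returns true when the server-side check rejects the value.
def rejected_by_server?(name, value)
  store_setting_server_validated({}, name, value)
  false
rescue SettingValidationError
  true
end

if __FILE__ == $PROGRAM_NAME
  payload = '/usr/local/bin/ct; id'
  store = store_setting_client_only({}, 'ct_location', payload)
  puts "client-only store accepted: #{store['ct_location']}"
  puts "shell string would be:      #{transpiler_shell_string(store, 'ct_location', 'ign.yaml')}"
  puts "argv form keeps argv[0]:    #{transpiler_argv(store, 'ct_location', 'ign.yaml').inspect}"
  puts "server-side check rejects:  #{rejected_by_server?('ct_location', payload)}"
end
```

The shell-string function is deliberately returned rather than run; the point is to see that the injected `;` survives into the string that a shell would parse, while the argv form confines the whole setting value to a single argument and the server-side allowlist stops it from being stored at all.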