SpirityCVE

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Logicminds	Rubyipmi
Red Hat	Red Hat Satellite 6
Redhat	Satellite Satellite Capsule Satellite Maintenance Satellite Utils

Configuration 1 [-]

cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:logicminds:rubyipmi:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.spirityenterprise.com/pentest
https://www.spirityenterprise.com/managed-detection-response
https://access.redhat.com/errata/RHSA-2026:5968
https://access.redhat.com/errata/RHSA-2026:5970
https://access.redhat.com/errata/RHSA-2026:5971
https://access.redhat.com/security/cve/CVE-2026-0980
https://bugzilla.redhat.com/show_bug.cgi?id=2429874

History

Fri, 27 Mar 2026 04:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:satellite:6.18::el9 cpe:/a:redhat:satellite_capsule:6.18::el9 cpe:/a:redhat:satellite_utils:6.18::el9
References		https://access.redhat.com/errata/RHSA-2026:5968

Thu, 26 Mar 2026 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat satellite Capsule Redhat satellite Maintenance Redhat satellite Utils
CPEs		cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite:6.17::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.17::el9 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.17::el9 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_utils:6.17::el9
Vendors & Products		Redhat satellite Capsule Redhat satellite Maintenance Redhat satellite Utils
References		https://access.redhat.com/errata/RHSA-2026:5970 https://access.redhat.com/errata/RHSA-2026:5971

Fri, 06 Mar 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 05 Mar 2026 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Logicminds Logicminds rubyipmi
CPEs		cpe:2.3:a:logicminds:rubyipmi:::::::: cpe:2.3:a:redhat:satellite:6.0:::::::*
Vendors & Products		Logicminds Logicminds rubyipmi

Fri, 27 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Red Hat Red Hat red Hat Satellite 6
Vendors & Products		Red Hat Red Hat red Hat Satellite 6

Fri, 27 Feb 2026 08:00:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
Title		Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username
First Time appeared		Redhat Redhat satellite
Weaknesses		CWE-78
CPEs		cpe:/a:redhat:satellite:6
Vendors & Products		Redhat Redhat satellite
References		https://access.redhat.com/security/cve/CVE-2026-0980 https://bugzilla.redhat.com/show_bug.cgi?id=2429874
Metrics		cvssV3_1 `{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-02-27T07:30:42.657Z

Updated: 2026-03-26T23:10:23.847Z

Reserved: 2026-01-15T08:53:56.962Z

Link: CVE-2026-0980

Vulnrichment

Updated: 2026-03-06T18:48:57.445Z

NVD

Status : Modified

Published: 2026-02-27T08:17:09.647

Modified: 2026-03-27T00:16:21.087

Link: CVE-2026-0980

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object