CVE-2026-13316

MEDIUM

Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-13316. PoCs published by HermesNA-1.

AI-analyzed exploit summary This repository contains an auto-generated placeholder module for CVE-2026-13316, a Server-Side Request Forgery (SSRF) vulnerability in Foreman. The code includes a basic connectivity check but lacks actual exploit implementation, referencing only external sources for details.

Description

A flaw has been found in foreman when HTTP parameters are modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component.

Exploits (1)

github STUB 1 stars
by HermesNA-1 · pythonpoc
https://github.com/HermesNA-1/SnakeSploit/tree/main/data/modules_generated/cve-2026-13316_flaw_has_been.py

This repository contains an auto-generated placeholder module for CVE-2026-13316, a Server-Side Request Forgery (SSRF) vulnerability in Foreman. The code includes a basic connectivity check but lacks actual exploit implementation, referencing only external sources for details.

Classification
Stub 99%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Theoretical
Target: Foreman (specific version not specified)
No auth needed
Prerequisites: Network access to the Foreman instance · Target must expose HTTP proxies controller endpoints
mistral-large-3 · analyzed Jul 09, 2026 Full analysis →

References (2)

Core 2
Core References
Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-13316
Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat
RHBZ#2490345
https://bugzilla.redhat.com/show_bug.cgi?id=2490345

Scores

CVSS v3 4.4
EPSS 0.0010
EPSS Percentile 1.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-918
Status published
Products (3)
Red Hat/Red Hat Satellite 6
redhat/satellite 6.0 - 6.19
theforeman/foreman
Published Jun 30, 2026
Tracked Since Jun 30, 2026