What happened
On 2026-06-23, two CVEs were published for the Foreman MCP server: CVE-2026-12112 (
Why it matters
Foreman manages the complete lifecycle of servers and infrastructure. An MCP server wrapping Foreman with session hijack and credential-logging flaws means an AI agent connecting to Foreman MCP could be manipulated into leaking administrative sessions or have its own session stolen — compromising the entire managed infrastructure through the AI orchestration layer.
Attack path
(CVE-2026-12112) Unauthenticated attacker provides a non-secret session ID; server improperly caches authenticated client connections and re-uses them without re-validating, allowing session hijack of active administrative sessions. (CVE-2026-9073) Session identifiers (treated as auth credentials) are logged at INFO level; debug logging also exposes full auth data in logs.
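The two flaw classes described above, modelled as an added example that is not foreman-mcp-server code: a connection cache that either trusts the client-supplied session ID alone (the weak pattern) or binds each cached connection to the credential that authenticated it, and a logging filter that keeps session identifiers out of INFO-level log lines. All class and function names are assumptions for illustration.

```python
# Added example, not foreman-mcp-server code. Names are assumed for illustration.
import logging
import re
import secrets

class SessionCache:
    """Caches authenticated upstream connections keyed by a client-supplied session ID."""

    def __init__(self, bind_to_credential: bool):
        # False reproduces the weak pattern: knowing the session ID alone unlocks the cache.
        self.bind_to_credential = bind_to_credential
        self._cache = {}  # session_id -> (credential that authenticated it, connection)

    def put(self, session_id: str, credential: str, connection: object) -> None:
        self._cache[session_id] = (credential, connection)

    def get(self, session_id: str, presented_credential: str):
        """Return the cached connection, or None when the caller cannot prove ownership."""
        entry = self._cache.get(session_id)
        if entry is None:
            return None
        owner_credential, connection = entry
        if self.bind_to_credential and not secrets.compare_digest(
            owner_credential, presented_credential
        ):
            return None  # re-validation failed: never hand out another client's session
        return connection

# Session identifiers are credentials here, so redact them before any record is emitted.
SESSION_RE = re.compile(r"(session[_-]?id[=:]\s*)([A-Za-z0-9._-]+)", re.IGNORECASE)

def redact(text: str) -> str:
    return SESSION_RE.sub(r"\1[REDACTED]", text)

class RedactSessionFilter(logging.Filter):
    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())  # format first, then scrub
        record.args = ()
        return True

def logged_line(message: str) -> str:
    """Send one INFO message through a logger carrying the filter; return what was emitted."""
    logger = logging.getLogger("mcp.demo")
    logger.handlers.clear()
    logger.setLevel(logging.INFO)
    logger.propagate = False
    emitted = []
    handler = logging.Handler()
    handler.emit = lambda rec: emitted.append(rec.getMessage())
    handler.addFilter(RedactSessionFilter())
    logger.addHandler(handler)
    logger.info(message)
    return emitted[0]
```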
Affected systems
foreman-mcp-server (all versions prior to RHSA-2026:28438 patch)
Mitigation
Apply Red Hat errata RHSA-2026:28438. Advisory: https://access.redhat.com/errata/RHSA-2026:28438