CVE-2026-12398: Galaxy_ng: shell injection in legacy role import via unsanitized git ref names
A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run() with shell=True. An authenticated user who controls a git repository can create a branch or tag with shell metacharacters in the name to achieve remote code execution on the pulp worker. The vulnerable endpoint is only reachable when GALAXY_ENABLE_LEGACY_ROLES is set to True, which is not the default configuration.
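The pattern the advisory describes (a ref name interpolated into a shell=True command) beside a hardened replacement, as an added example rather than galaxy_ng's own code: the ref name is validated against a conservative allowlist and then passed as a single argv element with no shell. Function names, the regex and the `run` parameter are assumptions for illustration.

```python
import re
import subprocess
from typing import Callable, List

# Hypothetical validator (not galaxy_ng code): only a conservative character set,
# no leading '-' (would otherwise be parsed as a git option), and the core
# git-check-ref-format rules. Shell metacharacters never match this pattern.
_REF_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]{0,254}$")


def is_safe_ref(ref: str) -> bool:
    """Return True only for branch/tag names safe to hand to git as one argument."""
    if not _REF_RE.fullmatch(ref):
        return False  # rejects ; | & $ ` ( ) quotes, whitespace, newlines, leading '-'
    if ref.endswith((".", "/", ".lock")):
        return False  # invalid endings per git-check-ref-format
    if ".." in ref or "//" in ref:
        return False  # no '..' components or empty path segments
    return True


def checkout_vulnerable(repo_dir: str, ref: str) -> None:
    """The unsafe pattern from the advisory: ref is interpolated into a shell string.
    Shown for contrast only; never call this with attacker-influenced input."""
    subprocess.run(f"cd {repo_dir} && git checkout {ref}", shell=True, check=True)


def checkout_ref(repo_dir: str, ref: str,
                 run: Callable[..., object] = subprocess.run) -> List[str]:
    """Hardened form: validate the ref, then exec git with an argv list (no shell).

    `run` is injectable so the argv can be inspected in tests without a repo present.
    Returns the argv that was executed.
    """
    if not is_safe_ref(ref):
        raise ValueError(f"refusing unsafe git ref name: {ref!r}")
    # -C avoids a shell 'cd'; the ref is one argument, so metacharacters are inert.
    argv = ["git", "-C", repo_dir, "checkout", ref]
    run(argv, check=True, capture_output=True, text=True)
    return argv
```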
Metrics
- CVSS v3.1: 7.5
- Severity: HIGH
- Fixed in: —
- Affected Products: 5
HarborGuard Analysis
Synopsis
A command injection vulnerability in galaxy_ng allows an authenticated user to achieve remote code execution on the pulp worker by crafting a git branch or tag name containing shell metacharacters. The vulnerable code path is reachable over the network but only when the GALAXY_ENABLE_LEGACY_ROLES configuration flag is set to True, which is not the default. Successful exploitation gives the attacker full read, write, and execution capability on the affected worker process. No upstream fix has been published yet; HarborGuard is tracking the advisory and will make a patched rebuild available as soon as one is released.
HarborGuard Coverage
- Detection: Available
Detection of CVE-2026-12398 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream advisory feeds, including custom-built images that bundle galaxy_ng. Coverage applies to images in connected registries as well as images scanned inline during CI/CD pipeline runs.
- Scoring and routing: Available
HarborGuard scores this CVE at 7.5 HIGH per the CVSS v3.1 vector and is capable of weighting that score against each customer environment's compliance policy to reflect factors such as whether GALAXY_ENABLE_LEGACY_ROLES is enabled. Routed findings are delivered to the inbox or ticketing integration configured for each customer organization.
- Patched rebuild: Pending upstream
Because no upstream fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. For customers with auto-remediation enabled, the rebuild, regression-test run, and PR against affected workloads will be triggered automatically at that point.
Exploit Conditions
- Network reachability: Required
The vulnerable legacy role import API endpoint is exposed over the network, so an attacker must be able to reach the service remotely to submit a malicious import request.
- Authentication: Required
The attacker must hold at least a low-privilege authenticated account, as the import API requires a valid user session before processing any git ref.
- Victim interaction: Not required
No victim action is needed; the attacker submits the malicious git ref name directly through their own authenticated API call.
- Attack complexity: High
Exploitation is rated High complexity, meaning the attacker must control an external git repository and craft a branch or tag name with shell metacharacters, but no race condition or memory-layout dependency is involved.
Blast Radius
- Reads any files accessible to the pulp worker process, including secrets, credentials, and configuration data stored on the host.
- Writes or overwrites files on the worker host, enabling persistence mechanisms or corruption of task queues.
- Executes arbitrary OS commands on the pulp worker, allowing lateral movement within the cluster or deployment of additional payloads.
- Disrupts the pulp worker process or the broader Ansible Automation Platform job execution pipeline if the attacker chooses to crash or destabilize it.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-12398 is active across customer environments, matching any image that includes an affected version of galaxy_ng. Because no upstream patch exists yet, the recommended immediate compensating control is to ensure GALAXY_ENABLE_LEGACY_ROLES is set to False (the default) in all deployment configurations, which removes the vulnerable endpoint from the attack surface entirely. Where network policy controls are available, restricting access to the legacy role import API endpoint to trusted source addresses reduces exposure for environments where the legacy feature must remain enabled. HarborGuard re-evaluates the advisory on every ingest cycle; the moment Red Hat publishes a fix, a patched-image rebuild becomes available, and for customers with auto-remediation enabled, the rebuild, regression-test run, and pull request against affected workloads are triggered automatically.
Affected Products
- Red Hat / Red Hat Ansible Automation Platform 2
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H