CVE-2016-4985: The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a…

high7.5CVSS 3.0

AVNACLPRNUINSUCHINAN

The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.

Affected

12 ranges

Vendor	Product	Version range	Fixed in
canonical	openstack_ironic	<= 4.2.4	—
canonical	openstack_ironic	—	—
canonical	openstack_ironic	—	—
debian	ironic	< ironic 1:5.1.2-1 (bookworm)	ironic 1:5.1.2-1 (bookworm)
openstack	ironic	>= 0 < 1:5.1.2-1	1:5.1.2-1
openstack	ironic	>= 0 < 1:5.1.2-1	1:5.1.2-1
openstack	ironic	>= 0 < 1:5.1.2-1	1:5.1.2-1
openstack	ironic	>= 0 < 1:5.1.2-1	1:5.1.2-1
openstack	ironic	>= 0 < 4.2.5	4.2.5
openstack	ironic	>= 5.0 < 5.1.2	5.1.2
redhat	openstack	—	—
redhat	openstack	—	—

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

osv7.5HIGH