CVE-2016-4985 — Sensitive Information Exposure in Ironic
CWE-200 — Sensitive Information ExposureCWE-290 — Authentication Bypass by Spoofing10 documents7 sources
Severity
7.5HIGHNVD
EPSS
0.8%
top 26.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 12
Latest updateMay 13
Description
The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages4 packages
🔴Vulnerability Details
4📋Vendor Advisories
2💬Community
3Bugzilla▶
CVE-2016-4985 openstack-ironic: Ironic Node information including credentials exposed to unauthenticated users [fedora-all]↗2016-06-22
Bugzilla▶
CVE-2016-4985 openstack-ironic: Ironic Node information including credentials exposed to unauthenticated users [openstack-rdo]↗2016-06-22
Bugzilla▶
CVE-2016-4985 openstack-ironic: Ironic Node information including credentials exposed to unauthenticated users↗2016-06-14