Lucene search
RedhatCVELIST:CVE-2016-4985HistoryJul 12, 2016 - 7:00 p.m.
CVE-2016-4985
2016-07-1219:00:00
redhat
www.cve.org
The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.
Related
redhat
redhat
(RHSA-2016:1377) Moderate: openstack-ironic security update
2016-07-04 05:39:46
(RHSA-2016:1378) Moderate: openstack-ironic security update
2016-07-04 05:39:51
cve
cve
CVE-2016-4985
2016-07-12 19:59:04
redhatcve
redhatcve
CVE-2016-4985
2016-06-22 07:48:50
prion
prion
Code injection
2016-07-12 19:59:00
nvd
nvd
CVE-2016-4985
2016-07-12 19:59:04
github
github
OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor
2022-05-13 01:07:34
veracode
veracode
Information Disclosure
2019-01-15 09:12:02
debiancve
debiancve
CVE-2016-4985
2016-07-12 19:59:04
ubuntucve
ubuntucve
CVE-2016-4985
2016-07-12 00:00:00