OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
rhn.redhat.com/errata/RHSA-2015-2685.html
access.redhat.com/errata/RHSA-2015:1929
access.redhat.com/errata/RHSA-2015:2685
access.redhat.com/security/cve/CVE-2015-5306
bugs.launchpad.net/ironic-inspector/+bug/1506419
bugzilla.redhat.com/show_bug.cgi?id=1273698
nvd.nist.gov/vuln/detail/CVE-2015-5306
opendev.org/openstack/ironic-inspector/commit/77d0052c5133034490386fbfadfdb1bdb49aa44f