Lucene search
+L

8 matches found

euvd
euvd
added 2026/05/05 9:31 p.m.11 views

EUVD-2026-27428

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS5.8AI score0.0044EPSS
Exploits0References3
nvd
nvd
added 2026/05/05 7:16 p.m.9 views

CVE-2026-42997

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS0.0044EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/05/05 12:0 a.m.7 views

CVE-2026-42997

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS5.8AI score0.0044EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/05/05 12:0 a.m.18 views

CVE-2026-42997

CVE-2026-42997 affects iDRAC in OpenStack Ironic (pre-35.0.1). During import, a user invoking molds can trigger authorization to a remote endpoint, forwarding a credential: either a time-limited Keystone token (granting access to all services Ironic is authorized for) or basic credentials for mol...

7.7CVSS5.8AI score0.0044EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2026/05/05 12:0 a.m.43 views

CVE-2026-42997

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS0.0044EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/05/08 12:0 a.m.6 views

Arista Networks CloudVision Portal 安全漏洞

Arista Networks CloudVision Portal is a suite of web-based user management portals for the CloudVision platform from Arista Networks, USA. The product includes features such as network device configuration, compliance management, change management, and network monitoring management. A security...

8.7CVSS6.8AI score0.00514EPSS
Exploits0References1
attackerkb
attackerkb
added 2017/08/29 3:29 p.m.2 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9CVSS5.5AI score0.0125EPSS
Exploits0References4
osv
osv
added 2017/08/29 3:29 p.m.4 views

DEBIAN-CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9CVSS9.3AI score0.0125EPSS
Exploits0References1
Rows per page
Query Builder