Lucene search
K

4 matches found

NVD
NVD
added 2026/06/04 4:17 a.m.11 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS0.00283EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46138

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 35.0.2 Description An authenticated project admin or manager can read local files on the Ironic conductor by exploiting the pxe template variable. Recommendations Update to version 35.0.2 or later...

4.9CVSS5.4AI score0.00283EPSS
Exploits0References16
CVE
CVE
added 2026/06/04 12:0 a.m.20 views

CVE-2026-44917

OpenStack Ironic (prior to 35.0.2) is vulnerable to an information-disclosure issue where a malicious authenticated project admin or manager can read local files on the Ironic conductor via a pxe_template. This CVE is documented across multiple sources (OpenStack Ironic, Debian tracker, CVE lists...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application. It is used to configure bare machines rather than virtual machines. Versions of OpenStack Ironic prior to 35.0.2 contained a security vulnerability. This vulnerability stemmed from allowing malicious project administrators or managers to re...

4.9CVSS5.2AI score0.00283EPSS
Exploits0References3
Rows per page
Query Builder