RHEL 7 : openstack-ironic (RHSA-2016:1378)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1378 advisory. OpenStack Bare Metal ironic is a tool used to provision bare metal as opposed to virtual machines. It leverages common technologies such as PXE boot...

RHEL 7 : openstack-ironic (RHSA-2016:1377)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1377 advisory. OpenStack Bare Metal ironic is a tool used to provision bare metal as opposed to virtual machines. It leverages common technologies such as PXE boot...

CVE-2016-4985

The ironic-api service in OpenStack Ironic before 4.2.5 Liberty and 5.x before 5.1.2 Mitaka allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the...

CVE-2016-4985

CVE-2016-4985 affects the OpenStack Ironic project, specifically the ironic-api service. The vulnerability allows an attacker with network access to the ironic-api to bypass authentication and retrieve full details of a registered node by knowing the node’s MAC address and sending a crafted POST ...