Lucene search

K

Veracode Vulnerability DatabaseVERACODE:11831

HistoryJan 15, 2019 - 9:08 a.m.

Arbitrary Code Execution

2019-01-1509:08:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

EPSS

0.007

Percentile

79.5%

openstack-ironic-discoverd is vulnerable to arbitrary code execution. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables debug mode in the underlying Flask framework. If errors are encountered while Flask is in debug mode, a user experiencing an error may be able to access the debug console and execute arbitrary Python code.

References

rhn.redhat.com/errata/RHSA-2015-2685.html

rhn.redhat.com/errata/RHSA-2015-2685.html

access.redhat.com/errata/RHSA-2015:1929

access.redhat.com/errata/RHSA-2015:1929

access.redhat.com/errata/RHSA-2015:2685

access.redhat.com/security/cve/CVE-2015-5306

access.redhat.com/security/updates/classification/#important

bugs.launchpad.net/ironic-inspector/+bug/1506419

bugs.launchpad.net/ironic-inspector/+bug/1506419

bugzilla.redhat.com/show_bug.cgi?id=1256421

bugzilla.redhat.com/show_bug.cgi?id=1273698

bugzilla.redhat.com/show_bug.cgi?id=1273698

rhn.redhat.com/errata/RHSA-2015-1929.html

EPSS

0.007

Percentile

79.5%

Related for VERACODE:11831

debiancve1 openvas1 redhat2 osv2 nvd1 prion1 fedora2 cvelist1 cve1 github1 nessus2