SQL Injection

2019-07-0800:07:12

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.005 Low

EPSS

Percentile

76.1%

JSON

openstack-ironic-inspector is vulnerable to SQL Injection attacks. An attacker could exploit a flaw in the openstack-ironic-inspector’s node_cache.find_node() function to pass malicious data via a network on which ironic-inspector is listening which leads to denial of service conditions.

CPENameOperatorVersion
openstack-ironic-inspectoreq7.2.1__1.el7
openstack-ironic-inspectoreq7.2.1__4.el7ost
openstack-ironic-inspectoreq5.0.1__3.el7ost
openstack-ironic-inspectoreq6.0.0__1.el7
openstack-ironic-inspectoreq5.0.1__1.el7
openstack-ironic-inspectoreq6.0.2__1.el7
openstack-ironic-inspectoreq8.0.2__0.20181219092843.9b6133b.el7ost
openstack-ironic-inspectoreq8.0.1__0.20180924215820.e89450c.el7ost
openstack-ironic-inspectoreq4.2.2__4.el7ost
openstack-ironic-inspectoreq4.2.2__5.el7ost

Name	Operator	Version
openstack-ironic-inspector	eq	7.2.1__1.el7
openstack-ironic-inspector	eq	7.2.1__4.el7ost
openstack-ironic-inspector	eq	5.0.1__3.el7ost
openstack-ironic-inspector	eq	6.0.0__1.el7
openstack-ironic-inspector	eq	5.0.1__1.el7
openstack-ironic-inspector	eq	6.0.2__1.el7
openstack-ironic-inspector	eq	8.0.2__0.20181219092843.9b6133b.el7ost
openstack-ironic-inspector	eq	8.0.1__0.20180924215820.e89450c.el7ost
openstack-ironic-inspector	eq	4.2.2__4.el7ost
openstack-ironic-inspector	eq	4.2.2__5.el7ost