Vulnerability Details CVE-2015-5306
OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.6%
CVSS Severity
CVSS v2 Score 6.8
References
- http://rhn.redhat.com/errata/RHSA-2015-2685.html
- https://access.redhat.com/errata/RHSA-2015:1929
- https://bugs.launchpad.net/ironic-inspector/+bug/1506419
- https://bugzilla.redhat.com/show_bug.cgi?id=1273698
- http://rhn.redhat.com/errata/RHSA-2015-2685.html
- https://access.redhat.com/errata/RHSA-2015:1929
- https://bugs.launchpad.net/ironic-inspector/+bug/1506419
- https://bugzilla.redhat.com/show_bug.cgi?id=1273698
Products affected by CVE-2015-5306
-
cpe:2.3:a:openstack:ironic_inspector:*