CVE-2015-5306

Medium CVSS 6.8

Overview

OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.

CWE: CWE-254 Published: 2015-11-25T20:59:06.273

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.8 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags