The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
12 Feb 2023, 23:22
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource. |
02 Feb 2023, 16:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | An authentication vulnerability was found in openstack-ironic. A client with network access to the ironic-api service could bypass OpenStack Identity authentication, and retrieve all information about any node registered with OpenStack Bare Metal. If an unprivileged attacker knew (or was able to guess) the MAC address of a network card belonging to a node, the flaw could be exploited by sending a crafted POST request to the node's /v1/drivers/$DRIVER_NAME/vendor_passthru resource. The response included the node's full details, including management passwords, even if the /etc/ironic/policy.json file was configured to hide passwords in API responses. |
04 Aug 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:* |
Information
Published : 2016-07-12 19:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-4985
Mitre link : CVE-2016-4985
CVE.ORG link : CVE-2016-4985
JSON object : View
Products Affected
redhat
- openstack
canonical
- openstack_ironic
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor