Remote Code Execution in OpenStack Ironic Inspector via Flask Console Access

Remote Code Execution in OpenStack Ironic Inspector via Flask Console Access

CVE-2015-5306 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.

Learn more about our Web Application Penetration Testing UK.