PT-2026-46066 · Openstack · Ironic
Dmitry Tantsur
+1
·
Published
2026-06-03
·
Updated
2026-06-03
·
CVE-2026-46447
CVSS v3.1
5.8
Medium
| Vector | AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N |
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver info or node.instance info.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ironic