CVE Catalog

CVE-2026-42510

MediumCVSS 6.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.53%

41th percentile - higher than 41% of all known CVEs

Summary

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.

Risk Assessment

Exploitation of this vulnerability may lead to unauthorized access to hardware management systems, posing a serious threat to infrastructure security.

Recommendation

It is recommended to upgrade OpenStack Ironic to version 35.0.1 or later to mitigate this vulnerability.

Original NVD description (English source)

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS