Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack 信息泄露漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。 OpenStack存在信息泄露漏洞。远程攻击者可借助已知网卡的MAC地址,并向v1/drivers/$DRIVER_NAME/vendor_passthru资源发送POST请求利用该漏洞获取与注册节点相关的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A