CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://bugs.launchpad.net/ironic/+bug/2148319	Issue Tracking
https://www.openwall.com/lists/oss-security/2026/06/03/13	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2026/06/03/13	Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openstack:ironic::::::::
	cpe:2.3:a:openstack:ironic::::::::
	cpe:2.3:a:openstack:ironic::::::::
	cpe:2.3:a:openstack:ironic::::::::

History

04 Jun 2026, 18:40

Type	Values Removed	Values Added
CPE		cpe:2.3:a:openstack:ironic::::::::
References	~~() https://bugs.launchpad.net/ironic/+bug/2148319 -~~	() https://bugs.launchpad.net/ironic/+bug/2148319 - Issue Tracking
References	~~() https://www.openwall.com/lists/oss-security/2026/06/03/13 -~~	() https://www.openwall.com/lists/oss-security/2026/06/03/13 - Mailing List, Third Party Advisory
References	~~() http://www.openwall.com/lists/oss-security/2026/06/03/13 -~~	() http://www.openwall.com/lists/oss-security/2026/06/03/13 - Mailing List, Third Party Advisory
First Time		Openstack Openstack ironic

04 Jun 2026, 07:16

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2026/06/03/13 -

04 Jun 2026, 04:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-04 04:17

Updated : 2026-06-04 18:40

NVD link : CVE-2026-44917

Mitre link : CVE-2026-44917

CVE.ORG link : CVE-2026-44917

JSON object : View

Products Affected

openstack

ironic

CWE

CWE-669

Incorrect Resource Transfer Between Spheres

4.9 /10