CVE-2026-46447
Received
Received - Intake
Boot Script Injection in OpenStack Ironic
Publication date: 2026-06-03
Last updated on: 2026-06-03
Assigner: MITRE
Description
Description
OpenStack Ironic through 35.0.x allows Boot Script Injection.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openstack | ironic | From 35.0.0 (inc) to 35.0.999 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Boot Script Injection issue in OpenStack Ironic versions up to 35.0.x. It allows an attacker to inject malicious boot scripts during the provisioning process.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to execute arbitrary code or commands during the boot process of a machine managed by OpenStack Ironic, potentially leading to unauthorized access, system compromise, or disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70