{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-42510", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-04-28T04:53:10.221Z", "datePublished": "2026-04-28T04:53:10.789Z", "dateUpdated": "2026-04-30T03:05:07.152Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Ironic", "vendor": "OpenStack", "versions": [{"lessThanOrEqual": "26.1.6", "status": "affected", "version": "4.3.0", "versionType": "semver"}, {"lessThanOrEqual": "29.0.5", "status": "affected", "version": "27.0.0", "versionType": "semver"}, {"lessThanOrEqual": "32.0.1", "status": "affected", "version": "30.0.0", "versionType": "semver"}, {"lessThanOrEqual": "35.0.1", "status": "affected", "version": "33.0.0", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.3.0", "versionEndIncluding": "26.1.6"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "27.0.0", "versionEndIncluding": "29.0.5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "30.0.0", "versionEndIncluding": "32.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "33.0.0", "versionEndIncluding": "35.0.1"}]}]}], "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T05:34:41.661Z"}, "references": [{"url": "https://bugs.launchpad.net/ironic/+bug/2148331"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T12:35:30.564628Z", "id": "CVE-2026-42510", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:36:25.209Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/30/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-30T03:05:07.152Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/30/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-30T03:05:07.152Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-42510", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-28T12:35:30.564628Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:35:54.279Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OpenStack", "product": "Ironic", "versions": [{"status": "affected", "version": "4.3.0", "versionType": "semver", "lessThanOrEqual": "26.1.6"}, {"status": "affected", "version": "27.0.0", "versionType": "semver", "lessThanOrEqual": "29.0.5"}, {"status": "affected", "version": "30.0.0", "versionType": "semver", "lessThanOrEqual": "32.0.1"}, {"status": "affected", "version": "33.0.0", "versionType": "semver", "lessThanOrEqual": "35.0.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://bugs.launchpad.net/ironic/+bug/2148331"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "26.1.6", "versionStartIncluding": "4.3.0"}, {"criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "29.0.5", "versionStartIncluding": "27.0.0"}, {"criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "32.0.1", "versionStartIncluding": "30.0.0"}, {"criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "35.0.1", "versionStartIncluding": "33.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T05:34:41.661Z"}}}, "cveMetadata": {"cveId": "CVE-2026-42510", "state": "PUBLISHED", "dateUpdated": "2026-04-30T03:05:07.152Z", "dateReserved": "2026-04-28T04:53:10.221Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-28T04:53:10.789Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "id": "CVE-2026-42510", "lastModified": "2026-04-30T04:16:14.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-04-28T06:16:04.100", "references": [{"source": "cve@mitre.org", "url": "https://bugs.launchpad.net/ironic/+bug/2148331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2026/04/30/1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{"bugzilla": {"description": "OpenStack Ironic: ipmitool: OpenStack Ironic: Arbitrary Code Execution via Remote Hardware Management", "id": "2463371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463371"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-78", "details": ["A flaw was found in OpenStack Ironic. When configured with a console interface in a non-default setup, this vulnerability allows an attacker to execute `ipmitool` commands. This unauthorized execution can lead to remote management of the underlying hardware, potentially resulting in arbitrary code execution, privilege escalation, and complete control over the affected system."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, avoid enabling the console interface in OpenStack Ironic if it is not strictly required for your operational needs. If the console interface is enabled, ensure that access to the OpenStack Ironic service is restricted to trusted administrative networks to prevent unauthorized `ipmitool` command execution. Any changes to Ironic configuration may require a service restart to take effect, which could impact ongoing bare metal provisioning operations."}, "name": "CVE-2026-42510", "package_state": [{"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openstack-ironic", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "openstack-ironic", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "openstack-ironic", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Fix deferred", "package_name": "openstack-ironic", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2026-04-28T04:53:10Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-42510\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-42510\nhttps://bugs.launchpad.net/ironic/+bug/2148331"], "threat_severity": "Moderate"}