{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-42510", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-04-28T04:53:10.221Z", "datePublished": "2026-04-28T04:53:10.789Z", "dateUpdated": "2026-04-28T12:36:25.209Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Ironic", "vendor": "OpenStack", "versions": [{"lessThanOrEqual": "26.1.6", "status": "affected", "version": "4.3.0", "versionType": "semver"}, {"lessThanOrEqual": "29.0.5", "status": "affected", "version": "27.0.0", "versionType": "semver"}, {"lessThanOrEqual": "32.0.1", "status": "affected", "version": "30.0.0", "versionType": "semver"}, {"lessThanOrEqual": "35.0.1", "status": "affected", "version": "33.0.0", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.3.0", "versionEndIncluding": "26.1.6"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "27.0.0", "versionEndIncluding": "29.0.5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "30.0.0", "versionEndIncluding": "32.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "33.0.0", "versionEndIncluding": "35.0.1"}]}]}], "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T05:34:41.661Z"}, "references": [{"url": "https://bugs.launchpad.net/ironic/+bug/2148331"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T12:35:30.564628Z", "id": "CVE-2026-42510", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:36:25.209Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-42510", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-04-28T04:53:10.221Z", "datePublished": "2026-04-28T04:53:10.789Z", "dateUpdated": "2026-04-28T12:36:25.209Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Ironic", "vendor": "OpenStack", "versions": [{"lessThanOrEqual": "26.1.6", "status": "affected", "version": "4.3.0", "versionType": "semver"}, {"lessThanOrEqual": "29.0.5", "status": "affected", "version": "27.0.0", "versionType": "semver"}, {"lessThanOrEqual": "32.0.1", "status": "affected", "version": "30.0.0", "versionType": "semver"}, {"lessThanOrEqual": "35.0.1", "status": "affected", "version": "33.0.0", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.3.0", "versionEndIncluding": "26.1.6"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "27.0.0", "versionEndIncluding": "29.0.5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "30.0.0", "versionEndIncluding": "32.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*", "versionStartIncluding": "33.0.0", "versionEndIncluding": "35.0.1"}]}]}], "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T05:34:41.661Z"}, "references": [{"url": "https://bugs.launchpad.net/ironic/+bug/2148331"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-42510", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-28T12:35:30.564628Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:35:54.279Z"}}]}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface."}], "id": "CVE-2026-42510", "lastModified": "2026-04-28T07:16:03.500", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-04-28T06:16:04.100", "references": [{"source": "cve@mitre.org", "url": "https://bugs.launchpad.net/ironic/+bug/2148331"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.3.0,26.1.6]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[27.0.0,29.0.5]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[30.0.0,32.0.1]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[33.0.0,35.0.1]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Ironic", "source": "cna", "vendor": "OpenStack"}, "product": "ironic", "vendor": "openstack"}], "analysis": {"en": {"generated_at": "2026-04-28T12:27:14.823922+00:00", "value": {"mitigation_remediation": ["Upgrade OpenStack\u202fIronic to version\u202f35.0.1 or later", "Disable or remove any non\u2011default console interfaces that expose ipmitool functionality", "Apply network or firewall rules to limit access to the console interface only to trusted administrators"], "summary": {"action": "Apply Patch", "impact": "Remote Command Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects OpenStack\u202fIronic deployments using any version older than 35.0.1. No other vendors or products are listed as affected.", "description_and_impact": "OpenStack\u202fIronic versions prior to 35.0.1 allow an attacker who can access a non\u2011default console interface to invoke ipmitool and execute arbitrary commands on the target node. This flaw is classified as CWE\u2011829 because the component fails to restrict the resources it exposes. If exploited, an attacker could control the node\u2019s underlying hardware or operating system, potentially leading to full system compromise.", "risk_and_exploitability": "The CVSS score of 6.6 indicates medium severity. EPSS data is unavailable, and the flaw is not listed in CISA\u2019s KEV catalog, suggesting no confirmed large\u2011scale exploitation yet. The likely attack vector is an authenticated or collaborative administrator who interacts with the console interface that is not configured to default settings. Successful exploitation would require the attacker to supply an ipmitool command through that interface, resulting in remote command execution on the node machine."}}}}, "created": "2026-04-28T08:30:13.034088+00:00", "title": "Non\u2011Default ipmitool Execution in OpenStack\u202fIronic Console Interface", "updated": "2026-04-28T12:30:31.067958+00:00", "vendors": ["openstack", "openstack$PRODUCT$ironic"]}