OpenStack Ironic <37.0.1 IPMI send_raw RCE
CVE-2026-54423 Published on July 10, 2026
In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the send_raw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control.
Vulnerability Analysis
CVE-2026-54423 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Improper Protection of Alternate Path
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
Products Associated with CVE-2026-54423
Want to know whenever a new CVE is published for OpenStack Ironic? stack.watch will email you.
Affected Versions
OpenStack Ironic:- Version 22.1.0 and below 29.0.6 is affected.
- Version 30.0.0 and below 32.0.2 is affected.
- Version 32.0.0 and below 35.0.2 is affected.
- Version 36.0.0 and below 37.0.1 is affected.