PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-22797 OpenStack CVE debrief

A critical vulnerability was discovered in OpenStack keystonemiddleware versions 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens, allowing an authenticated attacker to escalate privileges or impersonate other users by sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id. This vulnerability has a CVSS score of 9.9 and is considered CRITICAL. All deployments using the external_oauth2_token middleware are affected. Users should update to the latest version of keystonemiddleware to mitigate this vulnerability.

Vendor
OpenStack
Product
keystonemiddleware
CVSS
CRITICAL 9.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-01-19
Original CVE updated
2026-06-30
Advisory published
2026-01-19
Advisory updated
2026-06-30

Who should care

OpenStack users and administrators who utilize the keystonemiddleware component should be aware of this vulnerability and take immediate action to update their systems. This vulnerability can allow an authenticated attacker to escalate privileges or impersonate other users, potentially leading to unauthorized access and control of the system.

Technical summary

The external_oauth2_token middleware in OpenStack keystonemiddleware fails to properly sanitize incoming authentication headers before processing OAuth 2.0 tokens. This allows an authenticated attacker to send forged identity headers, such as X-Is-Admin-Project, X-Roles, or X-User-Id, to escalate privileges or impersonate other users. The vulnerability has a CVSS score of 9.9 and is considered CRITICAL. The affected versions are 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1.

Defensive priority

High

Recommended defensive actions

  • Update keystonemiddleware to the latest version
  • Review and sanitize incoming authentication headers
  • Monitor system logs for suspicious activity
  • Implement additional security measures to prevent privilege escalation
  • Verify and validate user identities and roles

Evidence notes

The CVE record and NVD detail provide information on the vulnerability, its impact, and affected versions. The OpenStack keystonemiddleware component is affected by this vulnerability, which can allow an authenticated attacker to escalate privileges or impersonate other users.

Official resources

This article is AI-assisted and based on the supplied source corpus.