CVE-2026-43000: OpenStack Keystone Privilege Escalation via Application Credential Impersonation
An authenticated attacker with basic member-level permissions on an OpenStack Keystone project can escalate their privileges to administrator by chaining two Keystone features—application credentials and trusts—in an unintended way. The attack exploits a validation gap: when an impersonated token is created, Keystone checks the victim's stored admin role assignment in the database rather than validating against the actual permissions on the requesting token. This allows the attacker to create a trust that delegates the victim's admin privileges to themselves. The resulting admin access persists independently and can be maintained through additional credential chains, while all actions appear in audit logs under the victim's identity.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 6.0 MEDIUM · CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
- Weaknesses (CWE)
- CWE-266, CWE-863
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-05-28 / 2026-06-30
NVD description (verbatim)
An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token carries the victim's identity, which passes the trustor validation check. Keystone then validates the delegated roles against the victim's actual role assignments in the database, not the roles on the requesting token. This allows the attacker to create a trust delegating the victim's admin role to themselves. The trust persists independently, and additional trusts and application credentials can be created to maintain access. All actions are logged under the victim's identity.
5 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability arises from a logic flaw in Keystone's trust delegation mechanism when combined with application credential impersonation. Specifically, during trust creation, Keystone validates delegated roles by querying the victim's actual role assignments in the database (via the trustor identity carried in the impersonated token) rather than enforcing role constraints based on the requesting token's capabilities. This violates the principle of least privilege: an attacker with only member role can craft an application credential impersonation that generates a token appearing to come from a high-privileged user, then exploit the trust validation logic to formally delegate that user's admin role back to themselves. The trust object persists independently of the initial impersonation, enabling sustained access even if the application credential is later revoked. Affected versions are OpenStack Keystone prior to 29.0.2.
Business impact
Successful exploitation enables unauthorized administrative access to an OpenStack environment. An insider or an attacker who has compromised a low-privilege account can gain full control over identity, access, and resource management within the cloud platform. This includes the ability to create additional backdoors, modify permissions, access sensitive data, and disrupt services. The attack is particularly dangerous because audit logs record actions under the victim's identity, potentially masking the intrusion and complicating incident response. Organizations relying on role-based access control (RBAC) as a security boundary within OpenStack will be circumvented.
Affected systems
OpenStack Keystone deployments running versions before 29.0.2 are vulnerable. The attack requires the attacker to have at least member-level role assignment on any project. Keystone is the identity service used by all OpenStack clouds, so any organization using OpenStack for infrastructure-as-a-service (IaaS) is potentially affected. The vulnerability does not require external network access to Keystone APIs—it only requires existing authentication within the platform, making it a lateral escalation threat in multi-tenant or hybrid cloud environments.
Exploitability
This vulnerability requires an authenticated user with member-level project permissions, making it a privilege escalation rather than a zero-day. The CVSS score of 6.0 (MEDIUM) reflects the authentication prerequisite (PR:L) and moderate complexity (AC:H). However, the practical exploitability is significant in environments where: (1) service accounts or application credentials with member role are provisioned, (2) developers or contractors have member access to shared projects, or (3) an attacker has already obtained low-privilege credentials through phishing or lateral movement. The attack does not require user interaction and succeeds silently. No public exploit code is known to be in active use, and the vulnerability is not on the CISA Known Exploited Vulnerabilities (KEV) catalog.
Remediation
Upgrade OpenStack Keystone to version 29.0.2 or later. This patch corrects the trust validation logic to enforce role constraints based on the requesting token's actual capabilities, preventing members from delegating roles they do not possess. Organizations unable to patch immediately should implement compensating controls: restrict application credential creation to trusted administrators, audit trust and credential creation events regularly, and enforce additional MFA for administrative API operations. Monitor for suspicious trust creation patterns, particularly those delegating admin roles from lower-privileged users.
Patch guidance
Verify your Keystone version by checking the deployed release or querying the version endpoint. Keystone versions released before 29.0.2 require patching. Consult your OpenStack distribution (Red Hat OpenStack Platform, Ubuntu OpenStack, etc.) for patch availability and timing. Patches should be deployed in a maintenance window; coordinate with infrastructure teams to avoid service disruption. After patching, validate that trust delegation enforcement is active by testing that a member-role user cannot create trusts delegating admin privileges.
Detection guidance
Monitor Keystone audit logs (typically via oslo.log or external SIEM integration) for: (1) application credential creation by low-privilege users, (2) trust creation events where the delegated role (admin) exceeds the requesting user's role (member), (3) audit entries showing actions performed under a high-privileged user's identity that do not align with that user's normal activity patterns. Implement alerting on trust creation involving sensitive roles. Query the Keystone database directly to identify orphaned or unexpected trusts. In a SIEM, correlate multiple application credential and trust events from the same user over a short timespan as a potential chain attack.
Why prioritize this
Prioritize this patch in environments where: (1) OpenStack Keystone is internet-facing or accessible to untrusted networks, (2) shared projects with many users exist, (3) service accounts are provisioned with member role, or (4) regulatory compliance requires strict segregation of administrative access. While the vulnerability requires prior authentication, its ability to silently escalate member-level access to admin, combined with audit trail obfuscation, makes it a high-priority lateral movement risk. Organizations with strong insider threat programs or defense-in-depth controls may rate it slightly lower, but it should not be deferred indefinitely.
Risk score, explained
CVSS 6.0 (MEDIUM) reflects: Network-based attack vector (AV:N), high complexity due to the need to chain two separate features correctly (AC:H), requirement for low-privilege authentication (PR:L), scope change as the attacker can affect other users' resources (S:C), and partial impact on confidentiality, integrity, and availability (C:L/I:L/A:L). The MEDIUM rating does not fully capture the severity of unconstrained privilege escalation in identity infrastructure; however, CVSS penalties for authentication requirement and attack complexity are appropriate. Security leaders should treat this as a HIGH priority within their OpenStack estate due to the attack's stealth, lateral movement implications, and cloud platform criticality.
Frequently asked questions
Can this vulnerability be exploited without prior authentication to Keystone?
No. The attacker must possess valid credentials with at least member-level role on a project. This is a privilege escalation vulnerability, not a remote code execution or unauthenticated bypass. However, compromised service account credentials or leaked application credentials with member role would be sufficient to trigger the attack.
What is the difference between this vulnerability and typical privilege escalation flaws?
The key distinction is that Keystone's trust mechanism is explicitly designed to allow users to delegate roles to other users or applications. The vulnerability is that the delegation validation checks the victim's actual role in the database (which is high) rather than the attacker's role in the requesting token (which is low). This causes Keystone to permit a delegation that should be blocked by access control policy.
If we have application credentials disabled or restricted, are we protected?
Partially. The vulnerability requires application credential impersonation to craft an impersonated token carrying the victim's identity. However, if application credentials are completely unavailable or restricted to administrators, the attack surface is reduced. That said, Keystone trusts themselves can be misused for escalation even without application credentials if other token issuance methods are exploited. Upgrade to 29.0.2 to fix the root cause.
Does the attacker's activity appear in audit logs?
Yes, but under the victim's identity. This is dangerous because it obscures the real attacker's involvement. All actions performed using the escalated admin trust appear as if the victim performed them. Detecting the attack requires analyzing the correlation between low-privilege users and trust/credential creation events, or comparing action patterns to the victim's baseline behavior.
This analysis is based on the CVE record and vendor advisories as of the publication date. The information provided is for educational and defensive purposes only. No exploit code or weaponized proof-of-concept is provided. Organizations should verify patch availability with their OpenStack distribution provider and test patches in non-production environments before deployment. Security controls and threat models vary; this guidance should be adapted to your specific infrastructure and risk profile. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-42998MEDIUMOpenStack Keystone Application Credential Authentication Bypass
- CVE-2026-42999MEDIUMOpenStack Keystone RBAC Bypass via JSON Request Body Injection
- CVE-2026-44394MEDIUMOpenStack Keystone Federated Token Rescoping Bypass – MEDIUM Severity
- CVE-2026-10070MEDIUMmacrozheng mall Admin Authorization Bypass in /admin/update/
- CVE-2026-10152MEDIUMImproper Access Control in TaleLin lin-cms-spring-boot Book Endpoint
- CVE-2026-10211MEDIUMAstrBot 4.23.6 Path Normalization Authorization Bypass
- CVE-2026-10215MEDIUMDolibarr Leave Request API Authorization Bypass
- CVE-2026-10217MEDIUMGoClaw Privilege Escalation in RoleAdmin Gateway (CVSS 6.3)