CVE-2026-22797

CWE-290 | 8 documents | 8 sources
Severity: 9.9 CRITICAL
EPSS: 0.1% (top 65.39%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 19; Latest update Feb 3

Description

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middlew

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Exploitability: 3.1 | Impact: 6.0

Affected Packages (2 packages)

Source      | Package                      | Affected range                 | Notes
CVEListV5   | openstack/keystonemiddleware | >= 10.5.0, < 10.7.2            | +2 more ranges
Debian      | python-keystonemiddleware    | < 10.9.0-2+deb13u1             | +1 more

🔴Vulnerability Details (3)

GHSA: GHSA-4428-9rh9-r27g: An issue was discovered in OpenStack keystonemiddleware 10... (2026-01-19)
CVEList: CVE-2026-22797: An issue was discovered in OpenStack keystonemiddleware 10... (2026-01-19)
OSV: CVE-2026-22797: An issue was discovered in OpenStack keystonemiddleware 10... (2026-01-19)

📋Vendor Advisories (3)

Ubuntu: Keystone Middleware vulnerability (2026-02-03)
Red Hat: keystonemiddleware: OpenStack keystonemiddleware: Privilege escalation and user impersonation via forged authentication headers (2026-01-19)
Debian: CVE-2026-22797: python-keystonemiddleware - An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before... (2026)

🕵️Threat Intelligence (1)

Wiz: CVE-2026-22797 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-22797 (CRITICAL CVSS 9.9) | An issue was discovered in OpenStac | cvebase.io