
CVE-2026-22797

Source: cve@mitre.org

CRITICAL
9.9 CVSS Score

EXPLOITATION STATUS & MITIGATIONS

EXPLOIT STATUS
NO KNOWN EXPLOIT
REMEDIATION
PENDING

AFFECTED CLIENTS/SOFTWARE

No specific software information extracted.

DESCRIPTION

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middleware are affected.

TECHNICAL DATA

{
  "id": "CVE-2026-22797",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2026-01-19T18:16:04.950",
  "lastModified": "2026-01-19T19:16:03.727",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middleware are affected."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cve@mitre.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve@mitre.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://launchpad.net/bugs/2129018",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.openwall.com/lists/oss-security/2026/01/16/9",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2026/01/15/1",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2026/01/16/2",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2026/01/16/3",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2026/01/16/9",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}

Status

Vuln Status: Received
Published: 1/19/2026
Updated: 1/19/2026

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L