CVE-2026-40213 PUBLISHED

Assigner: mitre
Reserved: 10.04.2026
Published: 07.05.2026
Updated: 07.05.2026

OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token, regardless of roles, project membership, or scope. An authenticated user with zero role assignments can therefore perform actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
CVSS Score: 7.4

Product Status

Vendor OpenStack
Product Cyborg
Versions Default: unaffected
  • affected from 5.0.0 to 14.0.1 (excl.)
  • affected from 15.0.0 to 15.0.1 (excl.)
  • affected from 16.0.0 to 16.0.1 (excl.)

References

Problem Types

  • CWE-863 Incorrect Authorization