Description
OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.
Published: 2026-05-07
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenStack Cyborg prior to version 16.0.1 employs a default policy rule that authorizes any request possessing a valid Keystone token, without evaluating the user’s role, project membership, or scope. This unconditional allowance enables an authenticated user who has no role assignments to carry out privileged operations, such as reprogramming FPGA bitstreams on compute nodes through the agent RPC interface. The vulnerability stems from a misconfigured access control policy (CWE-863) and can lead to significant loss of integrity and control over infrastructure components.

Affected Systems

The affected system is OpenStack Cyborg, a project within the OpenStack ecosystem. All releases older than 16.0.1 inherit the default permissive policy and are therefore vulnerable.

Risk and Exploitability

The CVSS score of 7.4 categorizes this flaw as high severity. Although the EPSS score is not available, the lack of a KEV listing indicates that the vulnerability is not in the current known exploited list, yet the possibility of exploitation remains. The likely attack vector is the public API; once an attacker obtains a valid token—such as through legitimate authentication—the exploit can proceed without further privilege checks. If additional network isolation of CPM endpoints is not in place, the risk of unintended hardware reprogramming rises.

Generated by OpenCVE AI on May 7, 2026 at 23:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the OpenStack Cyborg update to version 16.0.1 or later, which replaces the default @ rule with a stricter policy.
  • Modify the policy file to replace or remove the allow rule for the affected endpoints, enforcing role and scope checks for API access.
  • Conduct a comprehensive policy audit to verify that all API endpoints require appropriate roles and that no custom rules unintentionally re-enable permissive access.
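As an added illustration of the audit in the last bullet (this is not OpenCVE's or the Cyborg project's code), the script below walks an oslo.policy-style policy file and flags every rule whose check string resolves to `@` or an empty string, either directly or through `rule:` aliases and `or` branches, the way `rule:allow` does here. The rule names and both sample policies are constructed placeholders, not Cyborg's real policy file.

```python
"""Audit an oslo.policy-style file for rules that resolve to allow-all ('@'/empty)."""
import json

# Constructed sample in oslo.policy JSON syntax (rule names are placeholders,
# not Cyborg's real ones). "rule:allow" -> "@" is the pattern behind the CVE.
WEAK_POLICY = json.dumps({
    "allow": "@",
    "admin_api": "role:admin",
    "cyborg:example:deploy": "rule:allow",
    "cyborg:example:list": "",
    "cyborg:example:read": "rule:admin_api or rule:allow",
    "deploy_alias": "rule:cyborg:example:deploy",
    "cyborg:example:legacy": "rule:deploy_alias",
})

# Same endpoints with every path to '@' replaced by explicit role/scope checks.
HARDENED_POLICY = json.dumps({
    "admin_api": "role:admin",
    "project_member": "role:member and project_id:%(project_id)s",
    "cyborg:example:deploy": "rule:admin_api",
    "cyborg:example:list": "rule:project_member",
    "cyborg:example:read": "rule:admin_api or rule:project_member",
    "cyborg:example:legacy": "rule:admin_api",
})

def is_unconditional_allow(check, rules, seen=frozenset()):
    """True if 'check' passes for any valid token. Follows rule: aliases with
    cycle protection; 'or' needs one open branch, 'and' needs all. Parentheses,
    'not' and undefined aliases are treated as conditional (conservative)."""
    check = check.strip()
    if check in ("", "@"):
        return True
    if "(" in check or check.startswith("not "):
        return False
    if " or " in check:  # 'and' binds tighter than 'or', so split on 'or' first
        return any(is_unconditional_allow(p, rules, seen) for p in check.split(" or "))
    if " and " in check:
        return all(is_unconditional_allow(p, rules, seen) for p in check.split(" and "))
    if check.startswith("rule:"):
        target = check[len("rule:"):]
        if target in seen or target not in rules:
            return False
        return is_unconditional_allow(rules[target], rules, seen | {target})
    return False  # role:, project_id: and other attribute checks are conditional

def audit_policy(policy_text):
    """Return sorted names of rules whose check string resolves to allow-all."""
    rules = json.loads(policy_text)
    return sorted(n for n, c in rules.items() if is_unconditional_allow(c, rules))
```

Running `audit_policy(WEAK_POLICY)` reports the `allow` alias and every endpoint that reaches it, including the indirect `deploy_alias` chain, while the hardened policy reports nothing.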

Advisories
Source | ID | Title
Debian DSA | DSA-6315-1 | cyborg security update
Github GHSA | GHSA-mm7j-mhhj-hj36 | OpenStack Cyborg uses rule:allow (check_str='@') as the default policy for multiple API endpoints
History

Sun, 10 May 2026 21:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Openstack, Openstack cyborg
Vendors & Products | | Openstack, Openstack cyborg

Fri, 08 May 2026 16:00:00 +0000

Type | Values Removed | Values Added
References | |

Fri, 08 May 2026 14:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 08 May 2026 00:15:00 +0000

Type | Values Removed | Values Added
Title | | Unrestricted API Access Enables Unauthorized FPGA Reprogramming in OpenStack Cyborg

Thu, 07 May 2026 22:15:00 +0000

Type | Values Removed | Values Added
Description | | OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.
Weaknesses | | CWE-863
References | |
Metrics | | cvssV3_1: {'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L'}

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-08T15:47:07.733Z

Reserved: 2026-04-10T00:00:00.000Z

Link: CVE-2026-40213

Vulnrichment

Updated: 2026-05-08T13:55:49.768Z

NVD

Status: Awaiting Analysis

Published: 2026-05-07T22:16:34.910

Modified: 2026-05-08T16:16:10.770

Link: CVE-2026-40213

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-10T21:26:32Z

Weaknesses