CVE-2026-40213
Awaiting Analysis Awaiting Analysis - Queue
OpenStack Cyborg Unauthorized API Access via Default Policy

Publication date: 2026-05-07

Last updated on: 2026-05-08

Assigner: MITRE

Description
OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-08
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2026-40213
EUVD
EUVD-2026-28455
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openstack cyborg to 16.0.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in OpenStack Cyborg versions before 16.0.1, where the default policy for multiple API endpoints uses rule:allow with check_str='@'. This means that any request with a valid Keystone token is unconditionally authorized, regardless of the user's roles, project membership, or scope.

As a result, an authenticated user who has no assigned roles can still perform various actions, including reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.

Impact Analysis

This vulnerability can allow an authenticated user with minimal privileges to perform unauthorized actions, such as reprogramming FPGA bitstreams on compute nodes. This can lead to unauthorized control over hardware resources, potentially causing data integrity issues, service disruptions, or further exploitation within the affected OpenStack environment.

Mitigation Strategies

To mitigate CVE-2026-40213, you should apply the available patches provided for multiple OpenStack Cyborg versions including 2025.1/epoxy, 2025.2/flamingo, 2026.1/gazpacho, and 2026.2/hibiscus.

The vulnerability is caused by default policy rules using rule:allow, which unconditionally authorizes any request with a valid Keystone token regardless of roles or project scope.

The fix involves replacing the rule:allow policy with stricter rules such as rule:admin_api for sensitive endpoints and rule:project_member_or_admin for accelerator request creation, and ensuring proper token scope validation.

Ensure that your OpenStack Cyborg deployment is updated to a patched version and review your policy files to avoid using rule:allow for critical API endpoints.

Compliance Impact

This vulnerability allows any authenticated user with a valid Keystone token, even with zero role assignments, to perform unauthorized actions such as reprogramming FPGA bitstreams on arbitrary compute nodes. This unauthorized access and potential manipulation of system components could lead to breaches of confidentiality, integrity, and availability of data and systems.

Such unauthorized access and control could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive data and systems. The vulnerability undermines role-based access control mechanisms, increasing the risk of data exposure or system compromise.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40213. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart