PT-2026-44465 · OpenStack · Keystone

Boris Bobrov · Published 2026-05-28 · Updated 2026-06-16 · CVE-2026-43000

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 29.0.2

Description: A privilege escalation issue exists in which an attacker holding only the member role on a project can escalate to admin. The chain combines an unrestricted application credential with Keystone trusts and an application credential impersonation flaw: the impersonated token carries the victim's identity, so it passes the trustor validation check when a trust is created. Keystone then validates the delegated roles against the victim's actual role assignments in the database rather than against the roles carried by the requesting token, so the attacker can create a trust that delegates the victim's admin role to themselves. The resulting trust persists independently of the credential that created it, enabling further trusts and application credentials to be created for continued access, and every action is logged under the victim's identity.

Recommendations: Update to version 29.0.2 or later.
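The role check at the heart of the description, modelled as an added illustration that is not Keystone's code: a hypothetical `create_trust_vulnerable` validates delegated roles against database role assignments, while `create_trust_fixed` validates them against the roles the requesting token actually carries. Names, data structures and the sample assignments are constructed for the example; the separate impersonation flaw is assumed, not modelled.

```python
# Hypothetical model of Keystone's trust-creation role check (not Keystone code).
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    user_id: str          # identity the token speaks for
    roles: frozenset      # roles carried by the token itself
    method: str = "password"


# Constructed sample data: the victim holds admin in the database, but a token
# minted from a member-scoped application credential only carries "member".
ROLE_ASSIGNMENTS = {"victim": {"member", "admin"}, "attacker": {"member"}}


class DelegationError(Exception):
    pass


def create_trust_vulnerable(token, trustor_user_id, trustee_user_id, roles):
    # The trustor check passes because the impersonated token names the victim.
    if token.user_id != trustor_user_id:
        raise DelegationError("token user is not the trustor")
    # Defect: delegated roles are checked against DB assignments, not the token.
    missing = set(roles) - ROLE_ASSIGNMENTS[trustor_user_id]
    if missing:
        raise DelegationError(f"trustor lacks roles: {sorted(missing)}")
    return {"trustor": trustor_user_id, "trustee": trustee_user_id, "roles": set(roles)}


def create_trust_fixed(token, trustor_user_id, trustee_user_id, roles):
    if token.user_id != trustor_user_id:
        raise DelegationError("token user is not the trustor")
    # Hardened: a trust may only delegate roles the requesting token carries.
    missing = set(roles) - token.roles
    if missing:
        raise DelegationError(f"token lacks roles: {sorted(missing)}")
    return {"trustor": trustor_user_id, "trustee": trustee_user_id, "roles": set(roles)}


def admin_delegation_allowed(create_trust):
    """True if a member-only token in the victim's name can delegate admin."""
    impersonated = Token("victim", frozenset({"member"}), "application_credential")
    try:
        create_trust(impersonated, "victim", "attacker", {"admin"})
        return True
    except DelegationError:
        return False
```

Running `admin_delegation_allowed` against each variant shows the vulnerable check accepting the admin delegation and the fixed check refusing it while still permitting delegation of roles the token genuinely holds.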

Fix · DoS · LPE · Incorrect Authorization


Weakness Enumeration

Related Identifiers: CVE-2026-43000, USN-8433-1

Affected Products: Keystone