Bug 2451037 (CVE-2026-33551) - CVE-2026-33551 openstack-keystone: OpenStack Keystone: Privilege escalation through EC2 credential creation
Keywords:
Status: NEW
Alias: CVE-2026-33551
Deadline: 2026-04-07
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2026-03-25 00:11 UTC by OSIDB Bzimport
Modified: 2026-04-13 19:10 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-03-25 00:11:30 UTC
Maxence Bornecque from Orange Cyberdefense CERT Vulnerability Intelligence Watch Team reported a vulnerability in Keystone's EC2 credential creation endpoint. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role may obtain an EC2/S3 credential that carries the full set of the parent user's S3 permissions, effectively bypassing the role restrictions imposed on the application credential. Only deployments that use restricted application credentials in combination with the EC2/S3 compatibility API (swift3 / s3api) are affected.

