CVE-2026-22797

high

Red Hat

CVSS v3 Base Score

9.9

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

Published: January 19, 2026

Last Modified: January 19, 2026

Vendor: Red Hat

Description

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middleware are affected.

CWE

CWE-290

Affected Products

Red Hat OpenStack Platform 13 (Queens)Red Hat OpenStack Platform 16.2Red Hat OpenStack Platform 17.1Red Hat OpenStack Platform 18.0Red Hat OpenShift Container Platform 4.2Red Hat OpenShift Container Platform 4.21

Fix Status

✅ Fix Available

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 launchpad.net 🔗 www.openwall.com

CVE-2026-22797

Vulnerability Report

Description

CWE

Affected Products

Fix Status

References