OpenStack Keystone Vulnerability in Authentication Mechanism
CVE-2025-65073

7.5HIGH

Key Information:

Vendor: Openstack
Status: Keystone
Vendor: CVE Published:; 17 November 2025

What is CVE-2025-65073?

The OpenStack Keystone service prior to specified versions contains a security issue that allows an attacker to use a valid AWS Signature in requests to /v3/ec2tokens or /v3/s3tokens endpoints. This flaw can enable unauthorized Keystone authorization, potentially impacting the integrity of user sessions within OpenStack environments.

Affected Version(s)

Keystone 0 < 26.0.1

Keystone 27.0.0

Keystone 28.0.0

References

https://www.openwall.com/lists/oss-security/2025/11/04/2

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2025
Vulnerability Reserved
Nov 17, 2025

JSON

Openstack

What is CVE-2025-65073?

Affected Version(s)

References

CVSS V3.1

Timeline