Base Score

HIGH7.5

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.

VectorNETWORK

Published Bycve@mitre.org

Published DateNov 17, 2025, 08:16

Affected Versions(3)

keystone(PyPI)

Introduced0

Fixed26.0.1

LimitN/A

keystone(PyPI)

Introduced27.0.0.0rc1

Fixed27.0.0

LimitN/A

keystone(PyPI)

Introduced28.0.0.0rc1

Fixed28.0.0

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
keystone(PyPI)	0	26.0.1	N/A
keystone(PyPI)	27.0.0.0rc1	27.0.0	N/A
keystone(PyPI)	28.0.0.0rc1	28.0.0	N/A

Weakness Type (CWE):CWE-863

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

LOW

Integrity (I)

HIGH

Availability (A)

NONE

References

Base Score

HIGH7.5

Weakness Type (CWE):CWE-863

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

CHANGED

Confidentiality (C)

LOW

Integrity (I)

HIGH

Availability (A)

NONE