The SentinelOne Annual Threat Report - A Defenders Guide from the FrontlinesThe SentinelOne Annual Threat ReportGet the Report
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • AI Data Pipelines
      Security Data Pipeline for AI SIEM and Data Optimization
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2026-28370

CVE-2026-28370: OpenStack Vitrage RCE Vulnerability

CVE-2026-28370 is a remote code execution vulnerability in OpenStack Vitrage that allows authenticated API users to execute arbitrary code on the service host. This article covers technical details, affected versions, and mitigation.

Published: March 6, 2026

CVE-2026-28370 Overview

A critical code execution vulnerability exists in the query parser of OpenStack Vitrage before versions 12.0.1, 13.0.0, 14.0.0, and 15.0.0. The vulnerability resides in the _create_query_function within vitrage/graph/query.py, where improper handling of user-supplied input allows authenticated users with API access to execute arbitrary code on the Vitrage service host. This code injection flaw (CWE-95) enables attackers to run commands with the same privileges as the Vitrage service account, potentially leading to full system compromise.

Critical Impact

Authenticated attackers can achieve remote code execution on the Vitrage service host, potentially compromising the entire OpenStack deployment and enabling lateral movement across the infrastructure.

Affected Products

  • OpenStack Vitrage versions before 12.0.1
  • OpenStack Vitrage version 13.0.0
  • OpenStack Vitrage version 14.0.0
  • OpenStack Vitrage version 15.0.0

Discovery Timeline

  • 2026-02-27 - CVE-2026-28370 published to NVD
  • 2026-03-05 - Last updated in NVD database

Technical Details for CVE-2026-28370

Vulnerability Analysis

This vulnerability is classified as a Code Injection flaw (CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code). The issue affects the query parser component of OpenStack Vitrage, specifically within the graph query functionality. When processing user-supplied queries through the Vitrage API, the application fails to properly sanitize input before dynamically evaluating it, creating an opportunity for code injection.

The vulnerability allows any user with access to the Vitrage API to craft malicious queries that result in arbitrary code execution on the server side. Because the code runs in the context of the Vitrage service account, successful exploitation grants attackers the ability to access sensitive data, modify configurations, or pivot to other systems within the OpenStack environment.

All deployments that expose the Vitrage API are vulnerable. Given that Vitrage is a root cause analysis service for OpenStack, it typically has significant access to infrastructure monitoring data, making compromise particularly impactful.

Root Cause

The root cause lies in the _create_query_function function located in vitrage/graph/query.py. This function dynamically constructs and evaluates code based on user-provided query parameters without adequate input validation or sanitization. The lack of proper escaping or parameterization allows attackers to inject arbitrary Python code that gets executed by the interpreter.

The vulnerable code pattern involves directly interpolating user-controlled data into dynamically evaluated expressions, violating secure coding principles that mandate separation between code and data.

Attack Vector

The attack is network-accessible and requires authentication to the Vitrage API. An attacker with valid credentials (even low-privilege access) can exploit this vulnerability by:

  1. Sending a crafted API request to the Vitrage service with a malicious query parameter
  2. The query parser processes the input through the _create_query_function function
  3. Malicious code embedded in the query is dynamically evaluated
  4. Arbitrary commands execute with the privileges of the Vitrage service account

The vulnerability affects deployments where the Vitrage API is exposed to users who may not be fully trusted, including multi-tenant environments. Technical details about the vulnerable code pattern can be found in the GitHub code reference.

Detection Methods for CVE-2026-28370

Indicators of Compromise

  • Unusual process spawning from the Vitrage service process
  • Unexpected network connections originating from the Vitrage service host
  • Anomalous API requests to Vitrage endpoints containing special characters or Python syntax in query parameters
  • Evidence of code execution artifacts in Vitrage service logs

Detection Strategies

  • Monitor Vitrage API logs for query parameters containing Python keywords such as exec, eval, import, __builtins__, or shell command syntax
  • Implement application-layer firewalls or WAF rules to detect code injection patterns in API requests
  • Enable enhanced audit logging on the Vitrage service to capture detailed request information
  • Deploy endpoint detection and response (EDR) solutions to identify suspicious process behavior from the Vitrage service account

Monitoring Recommendations

  • Configure alerting for any child processes spawned by the Vitrage service that are not part of normal operations
  • Establish baseline behavior for Vitrage API usage and alert on statistical anomalies in query patterns
  • Monitor for privilege escalation attempts or lateral movement originating from the Vitrage host
  • Review authentication logs for the Vitrage API to identify potentially compromised accounts being used for exploitation attempts

How to Mitigate CVE-2026-28370

Immediate Actions Required

  • Upgrade OpenStack Vitrage to version 12.0.1 or the latest patched version for your deployment branch
  • If immediate patching is not possible, restrict access to the Vitrage API to only trusted administrators
  • Implement network segmentation to limit exposure of the Vitrage API endpoint
  • Review recent Vitrage API access logs for indicators of exploitation

Patch Information

OpenStack has released security patches addressing this vulnerability. Users should upgrade to Vitrage version 12.0.1 or later, or apply the appropriate patches for versions 13.x, 14.x, and 15.x branches. For detailed patch information and upgrade guidance, consult the OpenStack Storyboard Entry and the Openwall OSS Security Mail.

Workarounds

  • Restrict Vitrage API access at the network level using firewall rules or security groups to allow only trusted IP addresses
  • Implement additional authentication controls such as multi-factor authentication for Vitrage API access
  • Deploy an API gateway or reverse proxy with input validation rules to filter potentially malicious query parameters
  • Consider temporarily disabling the Vitrage service if it is not critical to operations until patching can be completed
bash
# Example: Restrict Vitrage API access using iptables
# Allow only management network to access Vitrage API (default port 8999)
iptables -A INPUT -p tcp --dport 8999 -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -p tcp --dport 8999 -j DROP

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeRCE
  • Vendor/TechOpenstack
  • SeverityCRITICAL
  • CVSS Score9.1
  • EPSS Probability0.07%
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityHigh
  • CWE References
  • CWE-95
  • Technical References
  • GitHub Code Snippet
  • Openwall OSS Security Mail
  • Vendor Resources
  • OpenStack Storyboard Entry
  • Related CVEs
  • CVE-2026-24708: OpenStack Nova Privilege Escalation Flaw
  • CVE-2026-22797: OpenStack Privilege Escalation Flaw
Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English