
CVE-2026-34881: OpenStack Glance SSRF Vulnerability

CVE-2026-34881 is a Server-Side Request Forgery flaw in OpenStack Glance that allows authenticated users to bypass URL validation and access internal services. This article covers technical details, affected versions, and mitigation.

Published: April 2, 2026

CVE-2026-34881 Overview

OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by a Server-Side Request Forgery (SSRF) vulnerability. By leveraging HTTP redirects, an authenticated user can bypass URL validation checks and redirect requests to internal services. This vulnerability specifically affects the Glance image import functionality, including the web-download and glance-download import methods, as well as the optional ovf_process image import plugin (not enabled by default).

Critical Impact

Authenticated attackers can bypass URL validation through HTTP redirects, potentially accessing internal services and sensitive resources not intended to be publicly accessible.

Affected Products

  • OpenStack Glance versions before 29.1.1
  • OpenStack Glance 30.x versions before 30.1.1
  • OpenStack Glance version 31.0.0

Discovery Timeline

  • 2026-03-31 - CVE-2026-34881 published to NVD
  • 2026-04-02 - Last updated in NVD database

Technical Details for CVE-2026-34881

Vulnerability Analysis

This Server-Side Request Forgery (SSRF) vulnerability in OpenStack Glance allows authenticated users to manipulate the image import process to access internal resources. The flaw exists in how Glance handles HTTP redirects during image import operations. While Glance implements URL validation to prevent access to internal services, the validation occurs only on the initial URL provided by the user. When the remote server responds with an HTTP redirect (such as 301 or 302 status codes), Glance follows the redirect without re-validating the destination URL against the same security policies.

This bypass mechanism enables attackers to craft malicious URLs that initially pass validation but redirect to internal network addresses, cloud metadata services, or other restricted endpoints. The vulnerability is classified under CWE-918 (Server-Side Request Forgery), reflecting its core nature as an SSRF attack vector.

Root Cause

The root cause of this vulnerability lies in insufficient validation of redirect destinations in the Glance image import process. The URL validation logic applies security checks only to the original user-supplied URL, not to subsequent redirect targets. This architectural oversight allows attackers to use a legitimate external URL that redirects to internal resources, effectively bypassing the intended security controls.

Attack Vector

The attack requires network access and authenticated credentials to the OpenStack Glance service. An attacker can exploit this vulnerability through the following mechanism:

  1. The attacker creates or controls an external web server configured to return HTTP redirect responses
  2. The attacker initiates an image import using the web-download or glance-download method, providing the URL of their controlled server
  3. Glance validates the initial URL, which points to the external server and passes security checks
  4. Glance fetches the URL, and the attacker's server responds with an HTTP redirect to an internal service (e.g., http://169.254.169.254/ for cloud metadata)
  5. Glance follows the redirect without re-validating the destination, accessing the internal resource

This attack can be used to probe internal network services, access cloud provider metadata endpoints containing sensitive credentials, or interact with internal APIs that should not be accessible from the Glance service context.
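The validation gap described above, and the per-hop re-validation that closes it, as an added example (not Glance's own code): DNS and HTTP are replaced by constructed tables so the block runs offline, and the hostnames and addresses are invented.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed stand-ins for DNS and HTTP so this runs offline (not Glance's own code).
# Responses are (status, Location); the first mirrors the redirect pattern described above.
FAKE_DNS = {"images.example.com": "93.184.216.34", "mirror.example.org": "93.184.216.35",
            "cdn.example.org": "93.184.216.36"}
FAKE_RESPONSES = {
    "https://images.example.com/cirros.img": (302, "http://169.254.169.254/latest/meta-data/"),
    "http://169.254.169.254/latest/meta-data/": (200, None),
    "https://mirror.example.org/ubuntu.img": (301, "https://cdn.example.org/ubuntu.img"),
    "https://cdn.example.org/ubuntu.img": (200, None),
}
REDIRECT_CODES = (301, 302, 303, 307, 308)

def resolve(host):
    """Hostname or literal IP -> address (a real service would use getaddrinfo)."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return ipaddress.ip_address(FAKE_DNS[host])

def url_is_allowed(url):
    """Policy: http(s) only, and the host must resolve to a globally routable address."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    return resolve(parts.hostname).is_global

def fetch_final_url(url, revalidate_each_hop, max_hops=5):
    """Follow redirects and return the URL that would actually be fetched.
    revalidate_each_hop=False applies the policy once, to the user-supplied URL only
    (the vulnerable pattern); True re-applies it to every Location header."""
    if not url_is_allowed(url):
        raise ValueError("blocked: " + url)
    for _ in range(max_hops):
        status, location = FAKE_RESPONSES[url]
        if status not in REDIRECT_CODES:
            return url
        if revalidate_each_hop and not url_is_allowed(location):
            raise ValueError("blocked redirect to " + location)
        url = location
    raise ValueError("too many redirects")

def import_is_blocked(url, revalidate_each_hop=True):
    """True when the policy stops the import before an internal address is reached."""
    try:
        fetch_final_url(url, revalidate_each_hop)
    except ValueError:
        return True
    return False
```

Resolving each hop once and connecting to that resolved address, rather than letting the HTTP client resolve the name again, also closes the DNS-rebinding gap that per-hop validation alone leaves open.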

Detection Methods for CVE-2026-34881

Indicators of Compromise

  • Unexpected outbound connections from Glance services to internal IP ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
  • Image import requests targeting known redirect services or URL shorteners
  • Access logs showing requests to cloud metadata endpoints (e.g., 169.254.169.254) from Glance worker processes
  • Anomalous patterns in image import failures followed by internal service access attempts

Detection Strategies

  • Monitor Glance API logs for image import requests with suspicious external URLs, particularly those using URL shorteners or known redirect services
  • Implement network segmentation monitoring to detect unexpected traffic from Glance services to internal network segments
  • Configure alerting for any access attempts to cloud metadata services from OpenStack service accounts
  • Review Glance import job logs for patterns indicating redirect chains or failed imports after following redirects

Monitoring Recommendations

  • Enable verbose logging for Glance image import operations to capture full request chains including redirects
  • Deploy network monitoring to track all outbound connections from Glance services and alert on connections to RFC 1918 addresses or link-local addresses
  • Implement egress filtering with logging to detect and record attempts to access internal resources
  • Monitor for unusual spikes in image import failures that may indicate exploitation attempts
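A detection pass over the egress indicators listed above, as an added example that is neither SentinelOne's nor OpenStack's code; the log format, hostnames and addresses are constructed. The expected_peers allowlist keeps the control-plane services Glance legitimately talks to (Keystone, the database, object storage) from drowning the alert in noise, while the metadata address is always flagged.

```python
import ipaddress
import re

# Constructed egress log lines (not real Glance or firewall output). Each line is one
# outbound connection from a host that runs Glance import workers.
SAMPLE_LOG = """\
2026-04-01T10:21:58Z host=glance-worker-1 src=10.20.0.5 dst=93.184.216.34 dport=443 action=allow
2026-04-01T10:22:01Z host=glance-worker-1 src=10.20.0.5 dst=169.254.169.254 dport=80 action=allow
2026-04-01T10:22:04Z host=glance-worker-2 src=10.20.0.6 dst=10.30.1.15 dport=8080 action=allow
2026-04-01T10:22:06Z host=glance-worker-2 src=10.20.0.6 dst=10.20.0.40 dport=5000 action=allow
2026-04-01T10:22:09Z host=nova-compute-3 src=10.20.0.9 dst=10.30.1.15 dport=8080 action=allow
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) src=\S+ dst=(?P<dst>\S+) dport=(?P<dport>\d+)")
METADATA_ADDRESS = ipaddress.ip_address("169.254.169.254")
# RFC 1918, loopback and link-local space, as listed in the indicators above.
WATCHED_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def classify_destination(dst, expected_peers):
    """Return 'cloud-metadata', 'internal' or None for one destination address."""
    ip = ipaddress.ip_address(dst)
    if ip == METADATA_ADDRESS:
        return "cloud-metadata"  # never suppressed by the peer allowlist
    if any(ip in net for net in expected_peers):
        return None  # control-plane peers Glance must legitimately reach
    if any(ip in net for net in WATCHED_RANGES):
        return "internal"
    return None

def find_ssrf_indicators(log_text, glance_hosts, expected_peers=()):
    """Flag connections from Glance hosts to the metadata service or internal ranges."""
    peers = [ipaddress.ip_network(p) for p in expected_peers]
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["host"] not in glance_hosts:
            continue
        kind = classify_destination(m["dst"], peers)
        if kind:
            alerts.append({"ts": m["ts"], "host": m["host"], "dst": m["dst"],
                           "dport": int(m["dport"]), "kind": kind})
    return alerts
```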

How to Mitigate CVE-2026-34881

Immediate Actions Required

  • Upgrade OpenStack Glance to version 29.1.1, 30.1.1, or later depending on your deployment branch
  • If immediate patching is not possible, consider temporarily disabling the web-download and glance-download import methods
  • Review and audit recent image import activities for signs of exploitation
  • Implement network-level controls to restrict Glance service access to internal networks

Patch Information

OpenStack has released security patches addressing this vulnerability. Users should upgrade to Glance version 29.1.1 or later for the 29.x branch, version 30.1.1 or later for the 30.x branch, or wait for the patched release following 31.0.0. For detailed patch information, refer to the OpenStack Security Advisory OSSA-2026-004 and the Launchpad Bug Report.

Workarounds

  • Disable the web-download and glance-download import methods if they are not essential to your operations by modifying the Glance configuration
  • If the ovf_process import plugin is enabled, consider disabling it until patches can be applied
  • Implement strict egress firewall rules for Glance services to prevent access to internal networks and cloud metadata endpoints
  • Route the external URLs Glance fetches through an outbound proxy or web application firewall that validates and restricts redirect destinations

The vulnerability can be mitigated at the network level by configuring firewall rules to prevent Glance worker processes from accessing internal IP ranges. This should be configured on network firewalls or through cloud provider security groups to ensure Glance can only reach legitimate external image sources.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Vulnerability Details

  • Type: SSRF
  • Vendor/Tech: OpenStack Glance
  • Severity: MEDIUM
  • CVSS Score: 5.0
  • EPSS Probability: 0.03%
  • Known Exploited: No
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Impact Assessment

  • Confidentiality: Low
  • Integrity: None
  • Availability: None

CWE References

  • CWE-918

Technical References

  • Launchpad Bug Report
  • OpenStack Security Advisory OSSA-2026-004