CVE-2026-41283

OpenStack · Mistral

OpenStack Mistral allows arbitrary remote code execution via exposed API endpoints, potentially leading to the exfiltration of sensitive service credentials.

Executive summary

A critical remote code execution vulnerability in OpenStack Mistral allows unauthenticated attackers to execute arbitrary commands and exfiltrate sensitive credentials.

Vulnerability

The vulnerability exists in the API endpoints of OpenStack Mistral, which do not properly sanitize input or restrict execution, allowing an unauthenticated remote attacker to execute arbitrary code. This flaw provides a vector for attackers to compromise service credentials and gain broader control over the OpenStack environment.

Business impact

With a CVSS score of 9.9, this vulnerability represents an extremely high risk. Successful exploitation can lead to a complete compromise of the OpenStack environment, resulting in data breaches, unauthorized access to cloud resources, and catastrophic loss of service integrity.

Remediation

Immediate Action: Upgrade OpenStack Mistral to version 23.0.0 or later, which resolves the vulnerable API endpoints.

Proactive Monitoring: Review API access logs for unusual activity or for requests directed at sensitive Mistral endpoints, since either could indicate exploitation.

Compensating Controls: Restrict access to the Mistral API service to trusted internal networks only, using firewalls or VPNs, until the patch can be applied.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the critical nature of this RCE and its potential impact on cloud infrastructure, immediate patching is required. Organizations running OpenStack Mistral should prioritize this update to prevent unauthorized administrative access to their cloud platforms.