OpenBao, Token Store Cross-Namespace Renewal/Revocation, CVE-2026-40264 (Low)


OpenBao uses a single token store to manage authentication tokens across namespaces that are supposed to be isolated from one another. The vulnerability exists because the token store does not enforce namespace boundaries when it handles token renewal or revocation requests. If a tenant leaks a token accessor (a unique identifier for a token), a privileged administrator in another tenant can use that accessor to send a renewal or revocation API call to the token store. The token store accepts the request without checking that the caller's namespace matches the namespace that owns the token. As a result, an administrator in one namespace can renew a token belonging to another namespace, keeping it alive indefinitely, or revoke it, causing a denial of service. This breaks the multi-tenant isolation that OpenBao namespaces are designed to provide. All OpenBao versions before the fix in commit f58111d2ca54, which shipped in release v2.5.3, are affected. The patch adds a namespace ownership check to every token store operation, so that only the token's owning namespace can renew or revoke it.

dailycve form

Platform: OpenBao
Version: <2.5.3
Vulnerability: Cross-namespace token ops
Severity: Low
Date: 2026-04-20

Prediction: Patch date 2026-04-20

What Undercode Say:

# Check the running OpenBao version (the OpenBao CLI binary is named bao)
bao version

# List all token accessors (requires a root or similarly privileged token)
bao list auth/token/accessors

# Simulate a cross-namespace revocation attempt (pre-patch): the caller is an
# administrator of tenantA and <leaked_accessor> belongs to a token issued in tenantB.
# -accessor is a boolean flag; the accessor itself is passed as the positional argument.
bao token revoke -namespace=tenantA -accessor <leaked_accessor>

# After the patch the same command is rejected by the ownership check
bao token revoke -namespace=tenantA -accessor <leaked_accessor>
# Expected output: Error revoking token: permission denied

Exploit:

A privileged administrator in tenant A obtains a token accessor belonging to tenant B (e.g., through logs or a misconfigured audit device). The administrator then calls the token revocation endpoint with that accessor. Because the token store performs no namespace ownership check, it revokes the token, terminating all sessions in tenant B that depend on it. The same technique works for token renewal, allowing the attacker to extend the lifetime of a tenant B token indefinitely.

Protection from this CVE

1. Upgrade OpenBao to v2.5.3 or later.
2. Restrict access to token accessors by enabling audit logging and limiting who can list tokens.
3. Monitor for unexpected token revocation or renewal events across namespaces.
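As an added illustration (not code from OpenBao or from this post), the following Python model of a namespace-shared token store shows the missing check described in the Exploit section, the ownership check the v2.5.3 patch adds, and a small detector for the cross-namespace renew/revoke events that the monitoring step above refers to. The namespace names, accessor values and event records are constructed, and the event layout is a simplification rather than OpenBao's real audit log format.

```python
from dataclasses import dataclass


@dataclass
class Token:
    accessor: str
    namespace: str  # namespace that issued the token and therefore owns it
    ttl: int
    revoked: bool = False


class TokenStore:
    """Toy model of one token store shared by all namespaces, keyed by accessor."""

    def __init__(self, enforce_namespace: bool):
        # False models the pre-fix behaviour, True the check added in v2.5.3
        self.enforce_namespace = enforce_namespace
        self.tokens: dict[str, Token] = {}

    def issue(self, accessor: str, namespace: str, ttl: int) -> None:
        self.tokens[accessor] = Token(accessor, namespace, ttl)

    def _owned(self, caller_ns: str, accessor: str):
        """Return the token if the caller's namespace owns it, else None."""
        tok = self.tokens[accessor]
        # The ownership check: a caller may only act on tokens of its own
        # namespace. Skipping it is exactly the cross-namespace bug.
        if self.enforce_namespace and tok.namespace != caller_ns:
            return None
        return tok

    def revoke_by_accessor(self, caller_ns: str, accessor: str) -> str:
        tok = self._owned(caller_ns, accessor)
        if tok is None:
            return "permission denied"
        tok.revoked = True
        return "ok"

    def renew_by_accessor(self, caller_ns: str, accessor: str, increment: int) -> str:
        tok = self._owned(caller_ns, accessor)
        if tok is None:
            return "permission denied"
        tok.ttl += increment
        return "ok"


def cross_namespace_ops(store: TokenStore, events: list) -> list:
    """Flag constructed audit-style events (caller namespace, op, accessor)
    whose caller namespace differs from the owning namespace of the token."""
    return [ev for ev in events
            if ev["op"] in ("renew", "revoke")
            and ev["accessor"] in store.tokens
            and store.tokens[ev["accessor"]].namespace != ev["namespace"]]
```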

Impact

Denial of service by revoking critical tokens. Breaking of multi‑tenant isolation, allowing one tenant to interfere with another’s token lifecycle. Reduced availability of services that depend on OpenBao tokens.

Sources:

Reported By: github.com