CVE-2026-44393: n/a
OpenStack oslo. messaging versions 1. 0. 0 through 17. 3. 0 using the RabbitMQ driver do not perform TLS hostname verification when connecting to the message broker. Although certificate chain validation occurs if ssl_ca_file is configured, the expected broker hostname is not passed to the TLS stack. This allows any certificate signed by the deployment CA to be accepted regardless of hostname, enabling an attacker who can intercept control-plane traffic to impersonate the RabbitMQ broker and conduct man-in-the-middle attacks on RPC and notification traffic. All OpenStack services using oslo. messaging with RabbitMQ over TLS are affected.
AI Analysis
Technical Summary
The vulnerability in OpenStack oslo.messaging (versions 1.0.0 through 17.3.0) lies in the RabbitMQ driver’s failure to perform TLS hostname verification. While certificate chain validation is enabled when ssl_ca_file is configured, the driver does not supply the expected broker hostname to the TLS stack. Consequently, any certificate signed by the deployment CA is accepted regardless of hostname, which can allow an attacker intercepting control-plane traffic to impersonate the RabbitMQ broker. This flaw exposes RPC and notification traffic to man-in-the-middle attacks in all OpenStack services using oslo.messaging with RabbitMQ over TLS.
Potential Impact
An attacker capable of intercepting control-plane traffic can impersonate the RabbitMQ broker by presenting any certificate signed by the deployment CA, bypassing hostname verification. This enables man-in-the-middle attacks on RPC and notification traffic within OpenStack services using oslo.messaging with RabbitMQ over TLS, potentially compromising confidentiality and integrity of these communications.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider additional network-level protections to prevent interception of control-plane traffic. Avoid relying solely on ssl_ca_file for TLS validation without hostname verification. Monitor vendor channels for updates addressing this vulnerability.
CVE-2026-44393: n/a
Description
OpenStack oslo. messaging versions 1. 0. 0 through 17. 3. 0 using the RabbitMQ driver do not perform TLS hostname verification when connecting to the message broker. Although certificate chain validation occurs if ssl_ca_file is configured, the expected broker hostname is not passed to the TLS stack. This allows any certificate signed by the deployment CA to be accepted regardless of hostname, enabling an attacker who can intercept control-plane traffic to impersonate the RabbitMQ broker and conduct man-in-the-middle attacks on RPC and notification traffic. All OpenStack services using oslo. messaging with RabbitMQ over TLS are affected.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in OpenStack oslo.messaging (versions 1.0.0 through 17.3.0) lies in the RabbitMQ driver’s failure to perform TLS hostname verification. While certificate chain validation is enabled when ssl_ca_file is configured, the driver does not supply the expected broker hostname to the TLS stack. Consequently, any certificate signed by the deployment CA is accepted regardless of hostname, which can allow an attacker intercepting control-plane traffic to impersonate the RabbitMQ broker. This flaw exposes RPC and notification traffic to man-in-the-middle attacks in all OpenStack services using oslo.messaging with RabbitMQ over TLS.
Potential Impact
An attacker capable of intercepting control-plane traffic can impersonate the RabbitMQ broker by presenting any certificate signed by the deployment CA, bypassing hostname verification. This enables man-in-the-middle attacks on RPC and notification traffic within OpenStack services using oslo.messaging with RabbitMQ over TLS, potentially compromising confidentiality and integrity of these communications.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider additional network-level protections to prevent interception of control-plane traffic. Avoid relying solely on ssl_ca_file for TLS validation without hostname verification. Monitor vendor channels for updates addressing this vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-05-05T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a219e6ae29bf47b50b4476a
Added to database: 6/4/2026, 3:48:58 PM
Last enriched: 6/4/2026, 4:03:43 PM
Last updated: 6/4/2026, 5:03:57 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.