A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
Exploitability
AV:NAC:LPR:LUI:RScope
S:UImpact
C:LI:LA:L5.5/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:LOther