CVE-2026-62147 in OpenShiftinfo

Summary

by MITRE • 07/13/2026

The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants' namespaces.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/13/2026

This vulnerability represents a critical access control flaw in the Tempo Operator's gateway component that undermines tenant isolation within distributed tracing systems. The issue manifests when namespace-scoped redaction mechanisms fail to consistently enforce data boundaries during query API responses, creating a path for authenticated users to access span attributes belonging to different tenant namespaces. This represents a direct violation of multi-tenancy security principles and constitutes a privilege escalation vulnerability that allows unauthorized data access across isolated tenant environments.

The technical flaw stems from inconsistent implementation of role-based access control (RBAC) within the query API response handling paths. When RBAC is enabled, the gateway component should enforce strict namespace boundaries to prevent cross-tenant data leakage. However, certain API response pathways bypass or inadequately apply namespace-scoped redaction filters, enabling authenticated users to traverse tenant isolation mechanisms. This vulnerability aligns with CWE-284 Access Control Issues and specifically manifests as a failure in mandatory access control enforcement within multi-tenant distributed systems.

The operational impact of this vulnerability extends beyond simple data exposure to encompass potential business disruption and compliance violations. Organizations relying on Tempo Operator for distributed tracing across multiple tenants face significant risk of sensitive operational data leakage, including service dependencies, performance metrics, and potentially confidential business information. Attackers could exploit this weakness to gather competitive intelligence, identify system vulnerabilities in other tenant environments, or conduct reconnaissance for more sophisticated attacks. The vulnerability particularly affects cloud-native environments where multi-tenancy is fundamental to service delivery models.

Mitigation strategies should focus on implementing comprehensive namespace validation at all API response paths when RBAC is enabled, ensuring consistent redaction of span attributes across all query result sets regardless of access control state. Organizations must conduct thorough code reviews to identify all potential API response pathways that might bypass namespace-scoped controls and implement automated testing procedures to validate tenant isolation. The remediation aligns with ATT&CK technique T1078 Valid Accounts and T1566 Phishing, as unauthorized data access could enable further attack vectors through information gathering. Security teams should also implement monitoring for anomalous API query patterns that might indicate exploitation attempts and establish regular security assessments to validate access control implementations in multi-tenant environments.

Responsible

Redhat

Reservation

07/13/2026

Disclosure

07/13/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

low

Sources

Do you know our Splunk app?

Download it now for free!