Tempo Operator RBAC Redaction Bug Exposes Span Attrs Across Namespaces
CVE-2026-62147 Published on July 13, 2026

Tempo-operator: tempo operator: query rbac bypass
The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants' namespaces.

NVD

Vulnerability Analysis

CVE-2026-62147 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public.

Weakness Type

What is an AuthZ Vulnerability?

The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

CVE-2026-62147 has been classified to as an AuthZ vulnerability or weakness.


Products Associated with CVE-2026-62147

Want to know whenever a new CVE is published for Red Hat Openshift Distributed Tracing? stack.watch will email you.

 

Affected Versions

Red Hat OpenShift distributed tracing 3: Red Hat OpenShift distributed tracing 3: