CVE-2025-2842 MEDIUM

CVE-2025-2842: Tempo-operator: tempo operator token exposition lead to read sensitive data

Vendor Red Hat
Product Red Hat OpenShift distributed tracing 3
Weakness CWE-200 · Info exposure
Published April 2, 2025
Last update March 22, 2026
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be exploited if a user has 'create' permissions on TempoStack and 'get' permissions on Secret in a namespace (for example, a user has ClusterAdmin permissions for a specific namespace), as the user can read the token of the Tempo service account and therefore has access to see all cluster metrics.

Key dates

02Disclosure timeline

April 2, 2025 CVE published
March 22, 2026 Record updated