Missing Authorization Flaw in OpenShift Cluster Logging Operator by Red Hat
CVE-2026-10609
6.8 MEDIUM
What is CVE-2026-10609?
A missing authorization vulnerability has been identified in the OpenShift Cluster Logging Operator that permits unauthorized access to ServiceAccount tokens. The flaw occurs because the operator creates these tokens and forwards them to output destinations without verifying the permissions of the user who created the ClusterLogForwarder. As a result, a delegated editor could exploit this vulnerability to exfiltrate sensitive ServiceAccount tokens and potentially escalate privileges within the cluster.
CVSS v3.1
Score: 6.8
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed
Timeline
Vulnerability published
Vulnerability reserved
Credit
Red Hat would like to thank Trung Nguyen (@everping) (CyStack) for reporting this issue.