A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9 ; Rancher versions prior to 2.4.16.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HRancher
APPRancher< 2.4.162.5.0 – 2.5.9 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2021-25320CRITICAL9.9ten sam produkt
A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud provi...
CVE-2021-36775HIGH8.8ten sam produkt
a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been ...
CVE-2021-36776HIGH8.8ten sam produkt
A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users. T...
CVE-2021-31999HIGH8.8ten sam produkt
A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to ...