Lucene search
MitreCVELIST:CVE-2019-13209HistorySep 04, 2019 - 1:40 p.m.
CVE-2019-13209
2019-09-0413:40:18
mitre
www.cve.org
2
0.001 Low
EPSS
Percentile
40.0%
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is accomplished, the exploiter is able to execute commands against the cluster’s Kubernetes API with the permissions and identity of the victim.
Related
osv
osv
Rancher Vulnerable to Cross-site Request Forgery (CSRF)
2021-05-18 15:42:40
CVE-2019-13209
2019-09-04 14:15:11
Cross-site request forgery in github.com/rancher/rancher
2021-05-18 15:42:40
cve
cve
CVE-2019-13209
2019-09-04 14:15:11
veracode
veracode
Cross-site Websocket Hijacking (CSWSH)
2019-09-05 03:55:33
github
github
Rancher Vulnerable to Cross-site Request Forgery (CSRF)
2021-05-18 15:42:40
nvd
nvd
CVE-2019-13209
2019-09-04 14:15:11
prion
prion
Cross site scripting
2019-09-04 14:15:00