Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3935

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.02013EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/06/20 12:0 a.m.6 views

The vulnerability of Kubernets Rancher cluster management software lies in the lack of access restrictions on protected information. This allows attackers to expose the protected data and gain administrative control over the Kubernetes cluster.

The vulnerability of Kubernets Rancher cluster management software is related to the lack of restrictions on access to protected information. Exploiting this vulnerability allows a malicious actor to disclose protected data and gain administrative control over the Kubernetes cluster...

10CVSS7.7AI score0.00641EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2024/04/24 9:1 p.m.29 views

GHSA-PVXJ-25M6-7VQR Rancher Privilege escalation vulnerability via malicious "Connection" header

A vulnerability was discovered in Rancher 2.0.0 through the aforementioned patched versions, where a malicious Rancher user could craft an API request directed at the proxy for the Kubernetes API of a managed cluster to gain access to information they do not have access to. This is done by passin...

8.8CVSS8.7AI score0.01052EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.6 views

The vulnerability of the Webhook component in the Kubernets Rancher cluster management software allows a hacker to increase their privileges.

The vulnerability of the Webhook component in Kubernets Rancher’s cluster management software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

9.9CVSS7.7AI score0.00779EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 4:47 p.m.32 views

Rancher Privilege Escalation Vulnerability

In Rancher 1 and 2 through 2.2.3, unprivileged users if allowed to deploy nodes can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as...

8.8CVSS6.8AI score0.01143EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/22 12:0 a.m.48 views

RancherOS 1.6.x < 1.6.28 / 2.0.x < 2.0.15 / 2.1.x < 2.1.10 / 2.2.x < 2.2.4 Arbitrary File Read

In Rancher 1 and 2 through 2.2.3, unprivileged users if allowed to deploy nodes can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as...

8.8CVSS7.7AI score0.01143EPSS
Exploits0References6
CNVD
CNVD
added 2019/06/11 12:0 a.m.1 views

Rancher Labs Rancher Privilege Permission and Access Control Issues Vulnerability (CNVD-2019-43042)

Rancher Labs Rancher is the United States Rancher Labs, Inc. of a set of open source enterprise-class container management platform. A vulnerability exists in Rancher Labs Rancher with privilege permission and access control issues. An attacker can exploit this vulnerability to gain administrator...

8.8CVSS7.1AI score0.01143EPSS
Exploits0References1
Rows per page
Query Builder