2 matches found
Improper Preservation of Permissions
Overview Affected versions of this package are vulnerable to Improper Preservation of Permissions due to the improper removal of ClusterRoleBinding objects when a custom administrative global role or its binding is deleted. An attacker can retain unauthorized access to clusters by leveraging...
PT-2022-4713
Name of the Vulnerable Software and Affected Versions SUSE Rancher versions prior to 2.6.7 SUSE Rancher versions prior to 2.5.16 Description The issue is related to an Improper Authorization vulnerability in SUSE Rancher. It allows any user with permissions to create or edit cluster role template...