Lucene search
K

4 matches found

Veracode
Veracode
added 2026/01/16 9:18 a.m.5 views

Improper Authorization Enforcement

github.com/rancher/rancher is vulnerable to improper authorization enforcement. The vulnerability is due to improper revocation of permissions after removing a custom GlobalRole or its binding, which allows an attacker to retain unauthorized administrative access to clusters when the role contain...

4.3CVSS5.9AI score0.00208EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/10/29 3:15 p.m.7 views

CVE-2023-32199

A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a on in rule for resources or have a on ru...

4.3CVSS0.00208EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/10/25 12:13 a.m.3 views

SUSE CVE-2023-32199

A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a on in rule for resources or have a on ru...

4.3CVSS6.6AI score0.00208EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/24 12:0 a.m.8 views

PT-2025-43690

Name of the Vulnerable Software and Affected Versions Rancher versions prior to 2.12.3 Rancher versions prior to 2.11.7 Description A flaw exists in Rancher Manager where removing a custom GlobalRole granting administrative access, or its corresponding binding, does not revoke the user's access t...

4.3CVSS6.2AI score0.00208EPSS
Exploits0References7
Rows per page
Query Builder