3 matches found
CVE-2019-13209
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...
CVE-2019-13209
CVE-2019-13209 affects Rancher Server 2.x up to 2.2.4, vulnerable to Cross-Site Websocket Hijacking (CSWSH). The attack requires a logged-in Rancher user to visit a third-party site hosted by the attacker; the attacker can then issue commands against the cluster’s Kubernetes API using the victim’...
CVE-2019-13209
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...