2 matches found
CVE-2021-25318 rancher: API group not properly specified when creating Kubernetes RBAC resources
A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9 ; Rancher versions prior to 2.4.16...
CVE-2021-25318
The CVE-2021-25318 issue affects Rancher where an Incorrect Permission Assignment for Critical Resource vulnerability allows cluster users to modify resources beyond their access. It impacts Rancher versions prior to 2.5.9 and prior to 2.4.16. The root cause is improper permission scope handling ...