3 matches found
EUVD-2021-1305
Malware in sbrugna...
CVE-2025-23391 Rancher: Restricted Administrator can change Administrator's passwords
A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4...
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
Impact A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login. The issue occurs when a SAML authentication provider AP is configured e.g. Keycloak. A newly created AP user can impersonate any user on Rancher by manipulating...