Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Snyk
Snykadded 2026/03/03 2:50 p.m.4 views

Missing Encryption of Sensitive Data

Overview github.com/rancher/rancher/pkg/controllers/management/node is a complete container management platform Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the cluster creation using RKE templates with Weave CNI, where the WEAVEPASSWORD is not set,...

7.6CVSS5.8AI score0.00369EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2026/03/03 2:50 p.m.15 views

Rancher's weave CNI password is not configured when a cluster is created from an RKE template

Impact This vulnerability only affects customers using Weave CNI Container Network Interface when configured through RKE templates. A flaw was discovered in Rancher versions from 2.5.0 up to and including 2.5.13 and from 2.6.0 up to and including 2.6.4, where a UI user interface issue with RKE...

6.8CVSS6.7AI score0.00369EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2022/05/25 8:15 a.m.21 views

CVE-2022-21951 Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden

A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden This...

6.8CVSS6.6AI score0.00369EPSS
Exploits1References2
Rows per page
Query Builder