Rancher Security Vulnerabilities and Issues — Rancher CVE List

Lucene search

SuseRancher

4 matches found

CVE•added 2022/05/02 12:16 p.m.•84 views

CVE-2021-36778

A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

7.5CVSS7.2AI score0.00379EPSS

CVE•added 2022/05/02 12:16 p.m.•77 views

CVE-2021-36784

A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.

7.2CVSS7AI score0.00484EPSS

CVE•added 2023/02/07 1:15 p.m.•65 views

CVE-2022-43758

A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SUSE Rancher allows code execution for user with the ability to add an untrusted Helm catalog or modifying the URL configuration used to download KDM (only admin users by default) This issu...

7.6CVSS7AI score0.00093EPSS

CVE•added 2021/03/05 9:15 a.m.•40 views

CVE-2021-25313

A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6.

7.1CVSS6.5AI score0.00645EPSS