CVE-2021-36775

Published: Apr 4, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions prior to 2.4.18; Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

Affected (3)

Products: Rancher: Rancher

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Rancher Rancher	Before 2.4.18
Rancher Rancher	From 2.5.0 to 2.5.12
Rancher Rancher	From 2.6.0 to 2.6.3

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://bugzilla.suse.com/show_bug.cgi?id=1189120

Source: meissner@suse.de

Issue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1189120

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.