CVE-2022-21947

Published: Apr 1, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.

Affected (1)

Products: Suse: Rancher Desktop

1 product

Rancher Desktop

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Suse Rancher Desktop	Before 1.2.1

Related CWEs

Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (2)

https://bugzilla.suse.com/show_bug.cgi?id=1197491

Source: meissner@suse.de

Issue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1197491

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.