Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rancher rancher vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-36784
A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions before 2.5.13; Rancher versions before 2.6.4.
Suse Rancher
8.8
CVSSv3
CVE-2021-36775
a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions before 2.4.18; Rancher versions before 2.5.12; Rancher versions before 2.6.3.
Rancher Rancher
8.8
CVSSv3
CVE-2021-36776
A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users. This issue affects: SUSE Rancher Rancher versions before 2.5.10.
Rancher Rancher
8.8
CVSSv3
CVE-2022-21947
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
Suse Rancher Desktop
6.5
CVSSv3
CVE-2021-32001
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, wit...
Suse Rancher Rke2 1.20.8
Suse Rancher Rke2 1.21.2
Suse Rancher Rke2 1.19.12
Suse Rancher K3s 1.20.8
Suse Rancher K3s 1.21.2
Suse Rancher K3s 1.19.12
8.8
CVSSv3
CVE-2021-31999
A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions before 2.5.9...
Rancher Rancher
8.8
CVSSv3
CVE-2021-25318
A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions before 2.5.9 ; Rancher versions before 2.4.16.
Rancher Rancher
9.9
CVSSv3
CVE-2021-25320
A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks This issue affects: Rancher ver...
Rancher Rancher
6.1
CVSSv3
CVE-2021-25313
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote malicious users to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions before 2.5.6.
Suse Rancher
6.1
CVSSv3
CVE-2019-13209
Rancher 2 up to and including 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by th...
Suse Rancher
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »