Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse rancher vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-36775
a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions before 2.4.18; Rancher versions before 2.5.12; Rancher versions before 2.6.3.
Rancher Rancher
578
VMScore
CVE-2021-36776
A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users. This issue affects: SUSE Rancher Rancher versions before 2.5.10.
Rancher Rancher
517
VMScore
CVE-2022-21947
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
Suse Rancher Desktop
356
VMScore
CVE-2021-32001
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, wit...
Suse Rancher Rke2 1.20.8
Suse Rancher Rke2 1.21.2
Suse Rancher Rke2 1.19.12
Suse Rancher K3s 1.20.8
Suse Rancher K3s 1.21.2
Suse Rancher K3s 1.19.12
383
VMScore
CVE-2021-25313
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote malicious users to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions before 2.5.6.
Suse Rancher
383
VMScore
CVE-2019-13209
Rancher 2 up to and including 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by th...
Suse Rancher
668
VMScore
CVE-2019-11202
An issue exists that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 up to and including 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Ranche...
Suse Rancher
383
VMScore
CVE-2019-11881
A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legit...
Suse Rancher 2.1.4
1 Github repository
356
VMScore
CVE-2019-12274
In Rancher 1 and 2 up to and including 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a...
Suse Rancher
578
VMScore
CVE-2019-12303
In Rancher 2 up to and including 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.
Suse Rancher
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »