Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.9
CVSSv3

CVE-2021-36782

Published: 07/09/2022 Updated: 18/01/2023
CVSS v3 Base Score: 9.9 | Impact Score: 6 | Exploitability Score: 3.1
VMScore: 0
Subscribe to Rancher

Vulnerability Summary

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions before 2.5.16; Rancher versions before 2.6.7.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

suse rancher

Github Repositories

https://github.com/fe-ax/tf-cve-2021-36782

A Terraform module to launch Rancher 2.6.6 for blog article about CVE-2021-36782

Demo Terraform module for CVE-2021-36782 This is a Terraform module to demo CVE-2021-36782 Quick start Clone repository Run terraform init Copy exampletfvars to yourowntfvars Edit yourowntfvars You just need to add a digital ocean API token Run terraform apply -var-file yourowntfvars Give it ~20 minutes

References

CWE-312https://bugzilla.suse.com/show_bug.cgi?id=1193988https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2fhttps://nvd.nist.govhttps://github.com/fe-ax/tf-cve-2021-36782
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook