HIGH🇬🇧 English

CVE-2021-25318

CVSS 8.8v3.1pub. 2021-07-15upd. 2024-11-21

A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9 ; Rancher versions prior to 2.4.16.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Rancher

    APP
    Rancher
    < 2.4.162.5.0 – 2.5.9 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-25320CRITICAL9.9ten sam produkt

A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud provi...

CVE-2021-36775HIGH8.8ten sam produkt

a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been ...

CVE-2021-36776HIGH8.8ten sam produkt

A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users. T...

CVE-2021-31999HIGH8.8ten sam produkt

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to ...