CVE-2024-52282 in Rancherinfo

Zusammenfassung

von MITRE • 11.04.2025

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowing any users with GET access to the Rancher Manager Apps Catalog to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2.

This issue affects rancher: from 2.8.0 before 2.8.10, from 2.9.0 before 2.9.4.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Suse

Reservieren

06.11.2024

Veröffentlichung

11.04.2025

Moderieren

akzeptiert

Eintrag

VDB-304504

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

6.2 (CNA)

EPSS

0.00126

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-52282
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-52282
CVE Details	https://www.cvedetails.com/cve/CVE-2024-52282/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!