CVE-2021-25320 in Rancherinformação

Sumário

de MITRE • 15/07/2021

A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

Be aware that VulDB is the high quality source for vulnerability data.

Responsável

SUSE

Reservar

19/01/2021

Divulgação

15/07/2021

Moderação

aceite

Entrada

VDB-178722

CPE

pronto

EPSS

0.00832

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!