Количество 3
Количество 3
CVE-2023-22647
An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserved. When this operation was followed-up by other specially crafted commands, it could result in the user gaining access to tokens belonging to service accounts in the local cluster. This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4.
GHSA-p976-h52c-26p6
Rancher vulnerable to Privilege Escalation via manipulation of Secrets
BDU:2023-04049
Уязвимость программной платформы для развертывания контейнеров в производственной среде SUSE Rancher wrangler, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-22647 An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserved. When this operation was followed-up by other specially crafted commands, it could result in the user gaining access to tokens belonging to service accounts in the local cluster. This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4. | CVSS3: 9.9 | 1% Низкий | больше 2 лет назад |
| GHSA-p976-h52c-26p6 Rancher vulnerable to Privilege Escalation via manipulation of Secrets | CVSS3: 9.9 | 1% Низкий | больше 2 лет назад |
 | BDU:2023-04049 Уязвимость программной платформы для развертывания контейнеров в производственной среде SUSE Rancher wrangler, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии | CVSS3: 9.9 | 1% Низкий | почти 3 года назад |
Уязвимостей на страницу