cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-45157,https://securityvulnerability.io/vulnerability/CVE-2022-45157,Rancher vSphere Vulnerability: Plaintext Storage of CPI/CSI Credentials,"A vulnerability has been identified in Rancher's handling of vSphere's Cloud Provider Interface (CPI) and Container Storage Interface (CSI) credentials. This issue arises from the insecure storage of CPI and CSI passwords as plaintext within Rancher. As a result, any deployment of clusters in vSphere environments is susceptible to credential exposure. This vulnerability highlights the critical need for secure credential management practices to safeguard sensitive information in cloud operations, particularly for users leveraging Rancher with vSphere.",Suse,Rancher,9.1,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-13T13:39:10.338Z,0
CVE-2024-22032,https://securityvulnerability.io/vulnerability/CVE-2024-22032,Kubernetes RKE1 Cluster Vulnerability: Plaintext Secret Values Exposed During Reconciliation,"A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled. When reconciling, the Kube API secret values are written in plaintext on the AppliedSpec. Cluster owners, Cluster members, and Project members (for projects within the cluster), all have RBAC permissions to view the cluster object from the apiserver.",Suse,Rancher,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:26:01.883Z,0
CVE-2024-22030,https://securityvulnerability.io/vulnerability/CVE-2024-22030,Rancher Vulnerability: Narrow MITM Exploit via Domain Control,"A vulnerability within Rancher has been identified, which could be exploited under specific conditions via a man-in-the-middle (MITM) attack. For this to take place, an attacker must either have control over a domain that has expired or carry out a DNS spoofing or hijacking attack against the Rancher URL. This potential security flaw requires stringent measures to safeguard against domain takeover and reinforce DNS security protocols to prevent exploitation. Organizations using Rancher must remain vigilant, ensuring they regularly monitor domain statuses and assess their DNS integrity.",Suse,Rancher,8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:24:06.944Z,0
CVE-2023-32196,https://securityvulnerability.io/vulnerability/CVE-2023-32196,Privilege Escalation Vulnerability in RoleTemplateObjects,"A significant vulnerability has been identified in Rancher where the privilege escalation checks for RoleTemplate objects are not adequately enforced when the external attribute is set to true. This flaw can potentially allow unauthorized users to escalate their privileges in certain scenarios, exposing sensitive resources and compromising the integrity of the environment. It is crucial for users and administrators of Rancher to be aware of this issue, review their configurations, and implement recommended security practices to mitigate the effects of this vulnerability.",Suse,Rancher,6.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:01:47.230Z,0
CVE-2023-32194,https://securityvulnerability.io/vulnerability/CVE-2023-32194,Naming Privilege Abuse Vulnerability,"A significant vulnerability exists in Rancher products that allows users with create or global role permissions for the resource type 'namespaces' to gain excessive privileges. This flaw enables unauthorized access to core namespaces, giving these users the ability to create, update, and delete namespaces within the project. The implications of this vulnerability are critical as it compromises the integrity and security of the Kubernetes environment, allowing for potential data breaches and resource manipulation.",Suse,Rancher,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T12:56:37.617Z,0
CVE-2023-22650,https://securityvulnerability.io/vulnerability/CVE-2023-22650,Rancher Vulnerability: Unauthorized Access via Deleted Users,"A user management vulnerability has been discovered in Rancher, where the platform fails to automatically revoke access for users who have been deleted or disabled in the configured authentication provider. This oversight means that tokens associated with these users remain active, potentially allowing unauthorized access to resources. As a result, organizations using Rancher are at risk of lingering access through obsolete user credentials, which may not be addressed by the usual user management processes.",Suse,Rancher,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T08:20:42.467Z,0
CVE-2023-22649,https://securityvulnerability.io/vulnerability/CVE-2023-22649,Sensitive Data at Risk of Leakage in Rancher Audit Logs,"A vulnerability exists in Rancher's audit logging feature that can lead to exposure of sensitive data. This issue arises specifically in deployments where the Audit Logging feature is enabled and the AUDIT_LEVEL is configured to '1 or higher'. In such scenarios, sensitive information may be unintentionally recorded in the audit logs, posing a risk to data privacy and security. Organizations using this feature should evaluate their configurations and take necessary precautions to safeguard sensitive information.",Suse,Rancher,6.5,MEDIUM,0.018309999257326126,false,,false,false,false,,,false,false,,2024-10-16T07:46:50.610Z,0
CVE-2023-22648,https://securityvulnerability.io/vulnerability/CVE-2023-22648,Improper Privilege Management in SUSE Rancher Affects Azure AD User Permissions,"An Improper Privilege Management issue in SUSE Rancher prevents changes in Azure Active Directory (Azure AD) from being accurately reflected in user permissions within the Rancher user interface. This vulnerability allows users who have their permissions downgraded or removed in Azure AD to retain their previous permissions in Rancher while logged in. As a result, users may continue to have unauthorized access to resources within Rancher, even after their group memberships have been altered in Azure AD.",Suse,Rancher,8.8,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-06-01T13:15:00.000Z,0
CVE-2023-22647,https://securityvulnerability.io/vulnerability/CVE-2023-22647,Improper Privilege Management in SUSE Rancher Affects Kubernetes Secrets,"An Improper Privilege Management vulnerability in SUSE Rancher enables standard users to exploit their permissions for manipulating Kubernetes secrets within the local cluster. This flaw permits users to delete secrets while maintaining read-level permissions for those secrets. If exploited alongside other specially crafted commands, this could result in unauthorized access to sensitive tokens associated with service accounts in the local cluster, potentially compromising the integrity of the Kubernetes environment.",Suse,Rancher,8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-01T13:15:00.000Z,0
CVE-2022-43760,https://securityvulnerability.io/vulnerability/CVE-2022-43760,Cross-site Scripting Vulnerability in Rancher by SUSE,"An improper neutralization of input during web page generation vulnerability in SUSE Rancher allows users in higher-privileged groups to inject malicious code. This code executes within the browser of another user, enabling attackers to potentially steal sensitive information, manipulate web content, or take other malicious actions impersonating the victims, especially if an administrator accesses the affected web page. This poses a significant risk to users with write access in the affected systems.",Suse,Rancher,8.4,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-06-01T12:56:40.074Z,0
CVE-2023-22651,https://securityvulnerability.io/vulnerability/CVE-2023-22651,Improper Privilege Management in SUSE Rancher,"An improper privilege management issue has been identified in SUSE Rancher, which poses a risk of privilege escalation. This vulnerability stems from a flaw in the update logic of Rancher's admission Webhook, which could result in misconfiguration. The admission Webhook is crucial as it enforces validation rules and security checks for resources entering the Kubernetes cluster. Only users upgrading from versions 2.6.x or 2.7.x to 2.7.2 are potentially impacted; fresh installations of 2.7.2 are not affected.",Suse,Rancher,9.9,CRITICAL,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-05-04T08:15:00.000Z,0
CVE-2022-21953,https://securityvulnerability.io/vulnerability/CVE-2022-21953,"Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster","A vulnerability in SUSE Rancher enables authenticated users to create unauthorized shell pods and gain kubectl access within the local cluster, potentially compromising the security of the environment. This issue has implications for clusters running affected versions of Rancher, allowing attackers with basic access to escalate privileges and perform unauthorized actions.",Suse,Rancher,7.4,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-31249,https://securityvulnerability.io/vulnerability/CVE-2022-31249,[RANCHER] OS command injection in Rancher and Fleet,"An OS Command Injection vulnerability in the Wrangler component of SUSE Rancher allows remote attackers to execute arbitrary commands on the underlying host system. This is achieved by injecting crafted commands into the Wrangler, affecting multiple versions including 0.7.3, 0.8.4, and 1.0.0. Security measures should be implemented to mitigate the risk posed by this vulnerability.",Suse,Rancher,7.5,HIGH,0.002360000042244792,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-43755,https://securityvulnerability.io/vulnerability/CVE-2022-43755,Rancher: Non-random authentication token,"An Insufficient Entropy vulnerability in SUSE Rancher allows attackers who acquire the cattle-token to exploit the system repeatedly, even after the token is renewed. This presents a significant security risk as it can allow unauthorized actions within the system. It affects specific versions of SUSE Rancher, underscoring the necessity for immediate updates to mitigate potential impacts.",Suse,Rancher,7.1,HIGH,0.001550000044517219,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-43756,https://securityvulnerability.io/vulnerability/CVE-2022-43756,Rancher/Wrangler: Denial of service when processing Git credentials,An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.,Suse,Rancher,5.9,MEDIUM,0.0014400000218302011,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-43757,https://securityvulnerability.io/vulnerability/CVE-2022-43757,Rancher: Exposure of sensitive fields,"A vulnerability in SUSE Rancher pertains to the cleartext storage of sensitive information, enabling users on managed clusters to access critical credentials. The ramifications of this issue largely hinge on the type of credentials that may be exposed. This vulnerability impacts specific versions of Rancher prior to 2.5.17, 2.6.10, and 2.7.1, warranting immediate attention from organizations employing affected versions to ensure the integrity and security of their systems.",Suse,Rancher,9.9,CRITICAL,0.0009699999936856329,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-43758,https://securityvulnerability.io/vulnerability/CVE-2022-43758,Rancher: Command injection in Git package,"An OS Command Injection vulnerability in SUSE Rancher enables users to execute arbitrary code if they can add untrusted Helm catalogs or alter the URL configuration for downloading KDM. This flaw primarily impacts admin users who have access to modify configurations, thereby potentially compromising system integrity and security. Affected versions include those prior to 2.5.17, 2.6.10, and 2.7.1, which showcase the critical need for users to upgrade to mitigate these risks.",Suse,Rancher,7.6,HIGH,0.0009699999936856329,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-43759,https://securityvulnerability.io/vulnerability/CVE-2022-43759,Rancher: Privilege escalation via promoted roles,"An improper privilege management vulnerability in SUSE Rancher allows users with access to utilize the escalate verb on Pod Resource Template Blocks (PRTBs), enabling them to elevate permissions for any promoted resource across any cluster. This presents security risks as unauthorized users could gain higher-level access than intended, potentially compromising the integrity and confidentiality of the system. It is crucial for organizations using affected versions to apply the necessary updates to mitigate potential threats.",Suse,Rancher,7.2,HIGH,0.0009699999936856329,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2021-36783,https://securityvulnerability.io/vulnerability/CVE-2021-36783,Rancher: Failure to properly sanitize credentials in cluster template answers,"An Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.",Suse,Rancher,9.9,CRITICAL,0.0009500000160187483,false,,false,false,false,,,false,false,,2022-09-07T09:15:00.000Z,0
CVE-2021-36782,https://securityvulnerability.io/vulnerability/CVE-2021-36782,Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object,"A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.",Suse,Rancher,9.9,CRITICAL,0.036809999495744705,false,,false,false,true,2022-12-01T19:30:27.000Z,true,false,false,,2022-09-07T09:15:00.000Z,0
CVE-2022-31247,https://securityvulnerability.io/vulnerability/CVE-2022-31247,Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB),"An Improper Authorization vulnerability in SUSE Rancher allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16.",Suse,Rancher,9.1,CRITICAL,0.0012400000123307109,false,,false,false,false,,,false,false,,2022-09-07T09:15:00.000Z,0
CVE-2022-21951,https://securityvulnerability.io/vulnerability/CVE-2022-21951,Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden,"A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5.",Suse,Rancher,6.8,MEDIUM,0.001069999998435378,false,,false,false,false,,,false,false,,2022-05-25T00:00:00.000Z,0
CVE-2021-36784,https://securityvulnerability.io/vulnerability/CVE-2021-36784,Privilege escalation for users with create/update permissions in Global Roles,An Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.,Suse,Rancher,7.2,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2022-05-02T12:16:00.000Z,0
CVE-2021-4200,https://securityvulnerability.io/vulnerability/CVE-2021-4200,Write access to the Catalog for any user when restricted-admin role is enabled,An Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.,Suse,Rancher,5.4,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2022-05-02T12:16:00.000Z,0
CVE-2021-36778,https://securityvulnerability.io/vulnerability/CVE-2021-36778,Exposure of repository credentials to external third-party sources,An Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.,Suse,Rancher,7.3,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-05-02T12:16:00.000Z,0