Multiple vulnerabilities in Rancher
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU55281
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-31999
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to a reliance on untrusted inputs in a security decision issue. A remote attacker can forge the "Impersonate-User" or "Impersonate-Group" headers and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRancher: 2.4.0 - 2.5.8
CPE2.3- cpe:2.3:a:rancher:rancher:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.3:*:*:*:*:*:*:*
https://bugzilla.suse.com/show_bug.cgi?id=1187084
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect permission assignment for critical resource
EUVDB-ID: #VU55282
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-25318
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to incorrect permission assignment for critical resource. A remote authenticated attacker can modify resources they should not have access to.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRancher: 2.4.0 - 2.5.8
CPE2.3- cpe:2.3:a:rancher:rancher:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.3:*:*:*:*:*:*:*
https://bugzilla.suse.com/show_bug.cgi?id=1184913
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU55283
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-25320
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote authenticated attacker can make request to cloud providers by creating requests with the cloud-credential ID.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRancher: 2.4.0 - 2.5.8
CPE2.3- cpe:2.3:a:rancher:rancher:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:rancher:rancher:2.4.3:*:*:*:*:*:*:*
https://bugzilla.suse.com/show_bug.cgi?id=1185514
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
