NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:suse:rancher:2.3.9:*:*:*:*:*:*:*
CPE Name Search: true

There are 5 matching records.

Displaying matches 1 through 5.

Vuln ID	Summary	CVSS Severity
CVE-2020-10676	In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an incorrectly applied authorization check allows users who have certain access to a namespace to move that namespace to a different project. Published: December 12, 2023; 12:15:07 PM -0500	V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available)
CVE-2021-4200	A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. Published: May 02, 2022; 8:16:26 AM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 5.5 MEDIUM
CVE-2021-36784	A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. Published: May 02, 2022; 8:16:26 AM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2021-36778	A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3. Published: May 02, 2022; 8:16:25 AM -0400	V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM
CVE-2021-25313	A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6. Published: March 05, 2021; 4:15:13 AM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM