DescriptionA Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database||SUSE|
SUSE Security Advisories:
- GHSA-g25r-gvq3-wrq7, published Wed Jan 25 04:42:13 CET 2023
SUSE Timeline for this CVECVE page created: Thu May 19 18:00:31 2022
CVE page last modified: Thu Feb 9 14:24:11 2023