Upstream information

CVE-2026-44947 at MITRE

Description

A missing clean-up in the legacy Project Role Template Binding (PRTB)
reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security
Admission (PSA) permissions after an administrator removes those
permissions from a RoleTemplate.

Upstream Security Advisories:

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v4 Scores
CVSS detail CNA (SUSE)
Base Score 6.9
Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Attack Requirements Present
Privileges Required High
User Interaction None
Vulnerable System Confidentiality Impact None
Vulnerable System Integrity Impact High
Vulnerable System Availability Impact None
Subsequent System Confidentiality Impact None
Subsequent System Integrity Impact High
Subsequent System Availability Impact None
CVSSv4 Version 4.0
SUSE Bugzilla entry: 1268511 [NEW]

SUSE Security Advisories:


SUSE Timeline for this CVE

CVE page created: Thu Jun 18 11:30:23 2026
CVE page last modified: Tue Jun 30 20:41:17 2026