History: May 02, 2022 - 7:05 a.m.

CVE-2021-36784 Privilege escalation for users with create/update permissions in Global Roles

2022-05-02 07:05:14
CWE-269
suse
www.cve.org
6
cve-2021-36784
privilege escalation
suse rancher
improper privilege management
global roles

CVSS3: 7.2

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001
Percentile: 37.0%

An Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects SUSE Rancher: Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.

CNA Affected

[
  {
    "product": "Rancher",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "2.5.13",
        "status": "affected",
        "version": "Rancher",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Rancher",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "2.6.4",
        "status": "affected",
        "version": "Rancher",
        "versionType": "custom"
      }
    ]
  }
]
