Lucene search
GoogleOSV:CVE-2019-12274HistoryJun 06, 2019 - 4:29 p.m.
CVE-2019-12274
2019-06-0616:29:01
Google
osv.dev
6
In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.
Related
osv
osv
Rancher code injection via fluentd config commands
2022-05-24 16:47:29
Rancher Privilege Escalation Vulnerability in github.com/rancher/rancher
2024-08-20 20:32:20
CVE-2019-12303
2019-06-06 16:29:01
nessus
nessus
openvas
openvas
Rancher 2.x.x <= 2.2.3 RCE Vulnerability
2019-06-11 00:00:00
Rancher < 2.2.4 Multiple Vulnerabilities
2019-06-11 00:00:00
cve
cve
CVE-2019-12274
2019-06-06 16:29:01
CVE-2019-12303
2019-06-06 16:29:01
cvelist
cvelist
CVE-2019-12274
2019-06-06 15:07:30
CVE-2019-12303
2019-06-06 15:02:39
github
github
Rancher Privilege Escalation Vulnerability
2022-05-24 16:47:29
Rancher code injection via fluentd config commands
2022-05-24 16:47:29
prion
prion
Code injection
2019-06-06 16:29:00
Design/Logic Flaw
2019-06-06 16:29:00
nvd
nvd
CVE-2019-12274
2019-06-06 16:29:01
CVE-2019-12303
2019-06-06 16:29:01