A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the “Impersonate-User” or “Impersonate-Group” headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16.
CPE | Name | Operator | Version |
---|---|---|---|
rancher | eq | 2.5.2-rc7 | |
rancher | eq | 2.5.9-rc10 | |
rancher | eq | 2.5.8-rc14 | |
rancher | eq | 2.5.8-rc19 | |
rancher | eq | 2.5.9-rc9 | |
rancher | eq | 2.5.8-rc8 | |
rancher | eq | 2.5.4-rc2 | |
rancher | eq | 2.5.4-rc9 | |
rancher | eq | 2.5.9-rc14 | |
rancher | eq | 2.5.9-rc7 |