VDB

CISA-2023-32196

CISA-2023-32196 PUBLISHED CVSS 6.6 MEDIUM

Reported by suse · Published October 16, 2024

A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation.

Risk Scores

CVSS 3.1
6.6
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
SUSErancher2.7.0, 2.8.0
rancherrancher2.7.0, 2.8.0, 2.7.0
SUSErancher2.8.0, 2.7.0, 2.8.0

Timeline

  • Oct 16, 2024 CVE Published
  • Oct 16, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›