CVE-2021-36775

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-36775

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-36775.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-36775

Aliases

Published

2022-04-04T13:15:07.467Z

Modified

2026-02-13T08:46:36.650841Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions prior to 2.4.18; Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

References

Affected packages

Git / github.com/rancher/rancher

Affected ranges

Type: GIT
Repo: https://github.com/rancher/rancher
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

cd0f57ed70205390ffd713b5fa0086fd4699abff

Introduced

65f3525cdc1167872af4140d45f3153698450c52

Fixed

c5f7295f6f105b3b21daac066c3b05616b81ec68

Introduced

df2432ad895c9d6be0e47e0d6d62a4c3dc8f08e5

Fixed

3c1d5fac32482f00828bec2a4eda39a431a4dbe4

Affected versions

v2.*

v2.5.0

v2.5.0-rc9

v2.5.1

v2.5.1-rc1

v2.5.10

v2.5.10-rc1

v2.5.10-rc2

v2.5.10-rc3

v2.5.10-rc4

v2.5.10-rc5

v2.5.10-rc6

v2.5.10-rc7

v2.5.12-rc1

v2.5.12-rc2

v2.5.12-rc3

v2.5.12-rc4

v2.5.12-rc5

v2.5.12-rc6

v2.5.12-rc7

v2.5.2

v2.5.2-rc

v2.5.2-rc1

v2.5.2-rc10

v2.5.2-rc2

v2.5.2-rc3

v2.5.2-rc4

v2.5.2-rc5

v2.5.2-rc6

v2.5.2-rc7

v2.5.2-rc8

v2.5.2-rc9

v2.5.4

v2.5.4-rc1

v2.5.4-rc2

v2.5.4-rc3

v2.5.4-rc4

v2.5.4-rc5

v2.5.4-rc6

v2.5.4-rc7

v2.5.4-rc8

v2.5.4-rc9

v2.5.6

v2.5.6-rc1

v2.5.6-rc2

v2.5.6-rc3

v2.5.6-rc4

v2.5.6-rc5

v2.5.6-rc6

v2.5.6-rc7

v2.5.6-rc8

v2.5.6-rc9

v2.5.8

v2.5.8-rc10

v2.5.8-rc11

v2.5.8-rc12

v2.5.8-rc13

v2.5.8-rc14

v2.5.8-rc15

v2.5.8-rc16

v2.5.8-rc17

v2.5.8-rc18

v2.5.8-rc19

v2.5.8-rc2

v2.5.8-rc20

v2.5.8-rc21

v2.5.8-rc3

v2.5.8-rc4

v2.5.8-rc5

v2.5.8-rc6

v2.5.8-rc7

v2.5.8-rc8

v2.5.8-rc9

v2.6.0

v2.6.0-rc10

v2.6.1

v2.6.1-harvester1

v2.6.1-harvester2

v2.6.1-rc1

v2.6.1-rc10

v2.6.1-rc11

v2.6.1-rc12

v2.6.1-rc13

v2.6.1-rc2

v2.6.1-rc3

v2.6.1-rc4

v2.6.1-rc5

v2.6.1-rc6

v2.6.1-rc7

v2.6.1-rc8

v2.6.1-rc9

v2.6.3-rc1

v2.6.3-rc10

v2.6.3-rc2

v2.6.3-rc3

v2.6.3-rc4

v2.6.3-rc5

v2.6.3-rc6

v2.6.3-rc7

v2.6.3-rc8

v2.6.3-rc9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-36775.json"