CVE-2023-32199

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-32199

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32199.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-32199

Aliases

Downstream

openSUSE-SU-2025:15710-1

Related

openSUSE-SU-2025:15710-1

Published

2025-10-29T15:15:40.260Z

Modified

2026-04-10T04:57:52.704459Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a * on * in * rule for resources or have a * on * rule for non-resource URLs

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32199.json"