GHSA-gc62-j469-9gjm

Suggest an improvement
Source
https://github.com/advisories/GHSA-gc62-j469-9gjm
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gc62-j469-9gjm/GHSA-gc62-j469-9gjm.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-gc62-j469-9gjm
Aliases
Published
2022-05-24T16:47:29Z
Modified
2023-11-08T04:01:03.321115Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Rancher Privilege Escalation Vulnerability
Details

In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.

References

Affected packages

Go / github.com/rancher/rancher

Package

Name
github.com/rancher/rancher
View open source insights on deps.dev
Purl
pkg:golang/github.com/rancher/rancher

Affected ranges

Type
SEMVER
Events
Introduced
2.0.0
Fixed
2.2.4

Go / github.com/rancher/rancher

Package

Name
github.com/rancher/rancher
View open source insights on deps.dev
Purl
pkg:golang/github.com/rancher/rancher

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.27