Multiple vulnerabilities in Rancher



Published: 2021-07-23
Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2021-31999
CVE-2021-25318
CVE-2021-25320
CWE-ID CWE-264
CWE-732
CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Rancher
Web applications / Modules and components for CMS

Vendor rancher

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU55281

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-31999

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a reliance on untrusted inputs in a security decision issue. A remote attacker can forge the "Impersonate-User" or "Impersonate-Group" headers and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Rancher: 2.4.0 - 2.5.8

External links

http://bugzilla.suse.com/show_bug.cgi?id=1187084


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Incorrect permission assignment for critical resource

EUVDB-ID: #VU55282

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-25318

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to incorrect permission assignment for critical resource. A remote authenticated attacker can modify resources they should not have access to.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Rancher: 2.4.0 - 2.5.8

External links

http://bugzilla.suse.com/show_bug.cgi?id=1184913


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU55283

Risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-25320

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote authenticated attacker can make request to cloud providers by creating requests with the cloud-credential ID.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Rancher: 2.4.0 - 2.5.8

External links

http://bugzilla.suse.com/show_bug.cgi?id=1185514


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###