| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-22032 | Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec | SUSE | rancher | Medium | 6.5 | 2024-10-16 13:26:02 | Deep Dive |
| CVE-2024-22030 | Rancher agents can be hijacked by taking over the Rancher Server URL | SUSE | rancher | High | 8.0 | 2024-10-16 13:24:07 | Deep Dive |
| CVE-2023-32196 | Rancher's External RoleTemplates can lead to privilege escalation | SUSE | rancher | Medium | 6.6 | 2024-10-16 13:01:47 | Deep Dive |
| CVE-2023-32194 | Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' | SUSE | rancher | High | 7.2 | 2024-10-16 12:56:38 | Deep Dive |
| CVE-2023-22650 | Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider | SUSE | rancher | High | 8.8 | 2024-10-16 08:20:42 | Deep Dive |
| CVE-2023-22649 | Rancher 'Audit Log' leaks sensitive information | SUSE | rancher | High | 8.4 | 2024-10-16 07:46:51 | Deep Dive |
| CVE-2022-43760 | Rancher Labs Rancher cross-site scripting vulnerability | SUSE | Rancher | High | 8.4 | 2023-06-01 12:56:40 | Deep Dive |
| CVE-2023-22647 | Rancher Labs Rancher security vulnerability | SUSE | Rancher | Critical | 9.9 | 2023-06-01 12:52:49 | Deep Dive |
| CVE-2023-22648 | Rancher Labs Rancher security vulnerability | SUSE | Rancher | High | 8.0 | 2023-06-01 12:49:35 | Deep Dive |
| CVE-2023-22651 | Rancher security vulnerability | SUSE | Rancher | Critical | 9.9 | 2023-05-04 07:53:50 | Deep Dive |
| CVE-2022-43759 | Rancher: Privilege escalation via promoted roles | SUSE | Rancher | High | 7.2 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-43758 | Rancher: Command injection in Git package | SUSE | Rancher | High | 7.6 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-43757 | Rancher: Exposure of sensitive fields | SUSE | Rancher | Critical | 9.9 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-43756 | Rancher/Wrangler: Denial of service when processing Git credentials | SUSE | Rancher | Medium | 5.9 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-43755 | Rancher: Non-random authentication token | SUSE | Rancher | High | 7.1 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-31249 | [RANCHER] OS command injection in Rancher and Fleet | SUSE | Rancher | High | 7.5 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-21953 | Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster | SUSE | Rancher | High | 7.4 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-31247 | Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB) | SUSE | Rancher | Critical | 9.1 | 2022-09-07 08:20:18 | Deep Dive |
| CVE-2021-36783 | Rancher: Failure to properly sanitize credentials in cluster template answers | SUSE | Rancher | Critical | 9.9 | 2022-09-07 08:20:17 | Deep Dive |
| CVE-2021-36782 | Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object | SUSE | Rancher | Critical | 9.9 | 2022-09-07 08:20:16 | Deep Dive |