Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object
Vulnerability Description
A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Rancher Labs Rancher 安全漏洞
Vulnerability Description
Rancher Labs Rancher是美国Rancher Labs公司的一套开源的企业级容器管理平台。 Rancher for SUSE 2.5.0到2.5.15版本、2.6.0到2.6.6版本存在安全漏洞,该漏洞源于敏感信息明文存储,任何对 Kubernetes API 中的对象具有读取权限的人都可以检索这些敏感数据的明文版本。
CVSS Information
N/A
Vulnerability Type
N/A