Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rancher: Failure to properly sanitize credentials in cluster template answers
Vulnerability Description
A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Rancher Labs Rancher 信息泄露漏洞
Vulnerability Description
Rancher Labs Rancher是美国Rancher Labs公司的一套开源的企业级容器管理平台。 Rancher for SUSE 2.5.0到2.5.12版本、2.6.0到2.6.3版本存在信息泄露漏洞,该漏洞源于敏感信息明文存储,任何对 Kubernetes API 中的对象具有读取权限的人都可以检索这些敏感数据的明文版本。
CVSS Information
N/A
Vulnerability Type
N/A