Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Exposure of vSphere's CPI and CSI credentials in Rancher
Vulnerability Description
A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Rancher 安全漏洞
Vulnerability Description
Rancher是美国Rancher开源的一个开源容器管理平台,专为在生产环境中部署容器的组织而构建。 Rancher存在安全漏洞,该漏洞源于存储vSphere的CPI和CSI凭据的方式,导致vSphere CPI和CSI密码以明文形式存储。
CVSS Information
N/A
Vulnerability Type
N/A