Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rancher agents can be hijacked by taking over the Rancher Server URL
Vulnerability Description
A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The targeted domain is the one used as the Rancher URL.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
证书验证不恰当
Vulnerability Title
Rancher 信任管理问题漏洞
Vulnerability Description
Rancher是美国Rancher开源的一个开源容器管理平台,专为在生产环境中部署容器的组织而构建。 Rancher存在信任管理问题漏洞,该漏洞源于在特定情况下可以通过中间人(MITM)攻击来劫持Rancher代理。
CVSS Information
N/A
Vulnerability Type
N/A