Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rancher CLI SAML authentication is vulnerable to phishing attacks
Vulnerability Description
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Rancher 数据伪造问题漏洞
Vulnerability Description
Rancher是美国Rancher开源的一个开源容器管理平台,专为在生产环境中部署容器的组织而构建。 Rancher存在数据伪造问题漏洞,该漏洞源于SAML身份验证协议存在缺陷,可能导致钓鱼攻击和身份验证令牌窃取。
CVSS Information
N/A
Vulnerability Type
N/A