Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
Vulnerability Description
A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
Rancher 访问控制错误漏洞
Vulnerability Description
Rancher是美国Rancher开源的一个开源容器管理平台,专为在生产环境中部署容器的组织而构建。 Rancher 2.8.0至2.8.13之前版本、2.9.0至2.9.7之前版本和2.10.0至2.10.3之前版本存在访问控制错误漏洞,该漏洞源于本地用户可以通过SAML身份验证在首次登录时冒充其他身份。
CVSS Information
N/A
Vulnerability Type
N/A