Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

CVE-2022-31247

9.1CRITICAL

Key Information

Vendor: Suse
Status: Rancher
Vendor: CVE Published:; 7 September 2022

Summary

An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16.

Affected Version(s)

Rancher < 2.6.7

Rancher < 2.5.16

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Sep 7, 2022
Vulnerability Reserved.
May 20, 2022

Collectors

NVD DatabaseMitre Database