Rancher Vulnerability: Narrow MITM Exploit via Domain Control
CVE-2024-22030

8HIGH

Key Information:

Vendor: Suse
Status: Rancher
Vendor: CVE Published:; 16 October 2024

Summary

A vulnerability within Rancher has been identified, which could be exploited under specific conditions via a man-in-the-middle (MITM) attack. For this to take place, an attacker must either have control over a domain that has expired or carry out a DNS spoofing or hijacking attack against the Rancher URL. This potential security flaw requires stringent measures to safeguard against domain takeover and reinforce DNS security protocols to prevent exploitation. Organizations using Rancher must remain vigilant, ensuring they regularly monitor domain statuses and assess their DNS integrity.

Affected Version(s)

rancher 2.7.0 < 2.7.15

rancher 2.8.0 < 2.8.8

rancher 2.9.0 < 2.9.2

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22030

https://github.com/rancher/rancher/security/advisories/GH...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 16, 2024
Vulnerability Reserved
Jan 4, 2024

Credit

Jarkko Vesiluoma from Redtest Security