Denial of Access Vulnerability in Rancher Manager by SUSE
CVE-2024-58260
7.6 HIGH
What is CVE-2024-58260?
A vulnerability has been discovered in Rancher Manager, caused by insufficient server-side validation of the .username field. The flaw could allow users who have update permissions on other User resources to deny access to specific targeted accounts. This highlights the importance of robust validation measures to safeguard against potential exploits that could disrupt access for legitimate users.
Affected Version(s)
rancher 2.12.0 < 2.12.2
rancher 2.11.0 < 2.11.6
rancher 2.10.0 < 2.10.10
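A triage check for the two conditions this advisory names, added here as an example (not code from SUSE or the Rancher project): whether a version falls in a listed range, and which RBAC roles grant write access to User objects. The `management.cattle.io` API group and `users` resource name are assumptions not stated on this page, and the sample roles are constructed data in the shape of `kubectl get clusterroles -o json` output.

```python
# Affected ranges copied from this advisory: (first affected, first fixed).
AFFECTED = [((2, 12, 0), (2, 12, 2)), ((2, 11, 0), (2, 11, 6)), ((2, 10, 0), (2, 10, 10))]
WRITE_VERBS = {"update", "patch", "*"}

def in_listed_range(version):
    """True if a version such as 'v2.11.3' is in a range listed on this page."""
    # Compare as integer tuples so that 2.10.10 sorts after 2.10.9.
    v = tuple(int(p) for p in version.lstrip("v").split("-")[0].split("."))
    return any(lo <= v < hi for lo, hi in AFFECTED)

def roles_granting_user_update(role_list, group="management.cattle.io", resource="users"):
    """Return (role name, resourceNames) for each rule that allows modifying User objects."""
    hits = []
    for role in role_list.get("items", []):
        for rule in role.get("rules") or []:
            groups = set(rule.get("apiGroups") or [])
            resources = set(rule.get("resources") or [])
            verbs = set(rule.get("verbs") or [])
            if (groups & {group, "*"}) and (resources & {resource, "*"}) and (verbs & WRITE_VERBS):
                # An empty resourceNames list means the rule covers every User object.
                hits.append((role["metadata"]["name"], rule.get("resourceNames") or []))
    return hits

# Constructed sample roles (hypothetical names), not taken from a real cluster.
SAMPLE = {"items": [
    {"metadata": {"name": "user-admin"}, "rules": [
        {"apiGroups": ["management.cattle.io"], "resources": ["users"], "verbs": ["get", "update"]}]},
    {"metadata": {"name": "user-viewer"}, "rules": [
        {"apiGroups": ["management.cattle.io"], "resources": ["users"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "helpdesk-one-user"}, "rules": [
        {"apiGroups": ["management.cattle.io"], "resources": ["users"], "verbs": ["patch"],
         "resourceNames": ["u-abc12"]}]},
    {"metadata": {"name": "wildcard-admin"}, "rules": [
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]}

if __name__ == "__main__":
    print("v2.11.3 in a listed range:", in_listed_range("v2.11.3"))
    for name, names in roles_granting_user_update(SAMPLE):
        print(name, "->", names or "ALL users")
```

Roles reported with an empty name list can modify every User object and are the ones to review first on a version in a listed range.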