Security Advisory

CVE-2021-25320

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-15 08:55:17

Last updated 2024-09-16 20:21:51

Assigner suse

State PUBLISHED

Description

A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

← Browse all CVEs View on cve.org ↗