Moderate severityNVD Advisory· Published May 2, 2022· Updated Sep 16, 2024
Privilege escalation for users with create/update permissions in Global Roles
CVE-2021-36784
Description
A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/rancher/rancherGo | >= 2.6.0, < 2.6.4 | 2.6.4 |
github.com/rancher/rancherGo | >= 2.5.0, < 2.5.13 | 2.5.13 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-jwvr-vv7p-gpwqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-36784ghsaADVISORY
- github.com/rancher/rancherghsaPACKAGE
- bugzilla.suse.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/rancher/rancher/releases/tag/v2.5.13ghsaWEB
- github.com/rancher/rancher/releases/tag/v2.6.4ghsaWEB
- github.com/rancher/rancher/security/advisories/GHSA-jwvr-vv7p-gpwqghsaWEB
News mentions
0No linked articles in our index yet.