VYPR
High severityNVD Advisory· Published Oct 16, 2024· Updated Oct 16, 2024

Rancher 'Audit Log' leaks sensitive information

CVE-2023-22649

Description

A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature, only deployments that have it enabled and have AUDIT_LEVEL set to 1 or above are impacted by this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/rancherGo
>= 2.6.0, < 2.6.142.6.14
github.com/rancher/rancherGo
>= 2.7.0, < 2.7.102.7.10
github.com/rancher/rancherGo
>= 2.8.0, < 2.8.22.8.2

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.