VYPR
Medium severity4.3GHSA Advisory· Published Oct 29, 2025· Updated Apr 15, 2026

CVE-2023-32199

CVE-2023-32199

Description

A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a * on * in * rule for resources or have a * on * rule for non-resource URLs

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/rancherGo
< 0.0.0-20251014212116-7faa74a968c20.0.0-20251014212116-7faa74a968c2

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.