CVE-2019-11202
published 2019-07-30CVE-2019-11202: An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher…
PriorityP357critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.60%
72.8th percentile
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completing deleting them.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | 2.0.0 – 2.0.13 | — |
| github.com | rancher_rancher | >= 2.0.0+incompatible < 2.2.2+incompatible | 2.2.2+incompatible |
| github.com | rancher_rancher | 2.1.0 – 2.1.8 | — |
| github.com | rancher_rancher | >= 2.2.0 < 2.2.2 | 2.2.2 |
| suse | rancher | 2.0.0 – 2.0.13 | — |
| suse | rancher | 2.1.0 – 2.1.8 | — |
| suse | rancher | 2.2.0 – 2.2.1 | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
osv·2024-06-10
CVE-2019-11202 Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
OSV
Rancher Recreates Default User With Known Password Despite Deletion
osv·2022-05-24
CVE-2019-11202 [CRITICAL] Rancher Recreates Default User With Known Password Despite Deletion
Rancher Recreates Default User With Known Password Despite Deletion
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completing deleting them.
GHSA
Rancher Recreates Default User With Known Password Despite Deletion
ghsa·2022-05-24
CVE-2019-11202 [CRITICAL] CWE-287 Rancher Recreates Default User With Known Password Despite Deletion
Rancher Recreates Default User With Known Password Despite Deletion
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completing deleting them.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-07-30
Published