CVE-2021-4200
Published 2022-05-02
Priority: P4 (30) | Severity: medium, CVSS 3.1 base score 5.4
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS: 0.57% (42.7th percentile)
An Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when the restricted-admin role is enabled. This issue affects SUSE Rancher versions prior to 2.5.13 and Rancher 2.6.x versions prior to 2.6.4.
Affected
4 distinct ranges (two further rows in the source were garbled duplicates with "Rancher" in place of the lower bound and are folded into the rows below)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | >= 2.5.0 < 2.5.13 | 2.5.13 |
| github.com | rancher_rancher | >= 2.6.0 < 2.6.4 | 2.6.4 |
| suse | rancher | < 2.5.13 | 2.5.13 |
| suse | rancher | >= 2.6.0 < 2.6.4 | 2.6.4 |
CVSS provenance
- NVD, CVSS v3.1: 5.4 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- NVD, CVSS v2.0: 5.5 MEDIUM, AV:N/AC:L/Au:S/C:N/I:P/A:P
GHSA
ghsa · 2022-05-02
CVE-2021-4200 [HIGH] CWE-269 (Improper Privilege Management)
Write access to the catalog for any user when restricted-admin role is enabled in Rancher
### Impact
This vulnerability only affects customers using the [`restricted-admin`](https://rancher.com/docs/rancher/v2.6/en/admin-settings/rbac/global-permissions/#restricted-admin) role in Rancher. For this role to be active, Rancher must be bootstrapped with the environment variable `CATTLE_RESTRICTED_DEFAULT_ADMIN=true` or the configuration flag `restrictedAdmin=true`.
A flaw was discovered in Rancher versions from 2.5.0 up to and including 2.5.12 and from 2.6.0 up to and including 2.6.3 where the `global-data` role in `cattle-global-data` namespace grants write access to the Catalogs. Since each user with any level of catalog access was bound to the `global-data` role, this grants write access
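The advisory names three conditions that have to hold together: an affected version, `restricted-admin` mode switched on via `CATTLE_RESTRICTED_DEFAULT_ADMIN=true`, and a `global-data` Role in `cattle-global-data` whose rules carry write verbs on catalog resources. The following audit script is an added example written for this page, not code from Rancher or the advisory. It assumes the Role was exported with `kubectl -n cattle-global-data get role global-data -o json` and the container env with `kubectl get deploy rancher -o json`, and it assumes the catalog CRDs are the plurals `catalogs`, `clustercatalogs` and `projectcatalogs` in the `management.cattle.io` API group; the two Role documents embedded at the bottom are constructed samples, not captures from a real cluster.

```python
"""Audit for CVE-2021-4200: affected Rancher version, restricted-admin mode,
and write verbs on catalog resources in the global-data Role."""
import json

# Verbs that let a subject modify a resource, plus the RBAC wildcard.
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection", "*"}
# Assumption (not stated on the advisory): Rancher's catalog CRDs live in
# this API group under these plural resource names.
CATALOG_GROUP = "management.cattle.io"
CATALOG_RESOURCES = {"catalogs", "clustercatalogs", "projectcatalogs"}
# Affected ranges from the advisory: [2.5.0, 2.5.13) and [2.6.0, 2.6.4).
AFFECTED_RANGES = [((2, 5, 0), (2, 5, 13)), ((2, 6, 0), (2, 6, 4))]


def parse_version(text):
    """'v2.6.3-rc1' -> (2, 6, 3). Pre-release / build suffixes are ignored."""
    core = text.strip().lstrip("v").split("-")[0].split("+")[0]
    parts = [int(p) for p in core.split(".")[:3]]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected_version(text):
    v = parse_version(text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def restricted_admin_enabled(env):
    """env: the container's env list of {'name': ..., 'value': ...} entries."""
    return any(e.get("name") == "CATTLE_RESTRICTED_DEFAULT_ADMIN"
               and str(e.get("value", "")).lower() == "true" for e in env)


def catalog_write_grants(role):
    """Return [(resources, verbs)] for each rule in a Role/ClusterRole that
    grants a write verb on a catalog resource. Wildcards in apiGroups,
    resources or verbs are treated as matches, since RBAC expands them."""
    found = []
    for rule in role.get("rules", []):
        groups = set(rule.get("apiGroups", []))
        if CATALOG_GROUP not in groups and "*" not in groups:
            continue
        resources = set(rule.get("resources", []))
        hit = CATALOG_RESOURCES if "*" in resources else resources & CATALOG_RESOURCES
        verbs = set(rule.get("verbs", [])) & WRITE_VERBS
        if hit and verbs:
            found.append((sorted(hit), sorted(verbs)))
    return found


def assess(version, env, role):
    """Combine the three conditions; 'exposed' is true only if all hold."""
    grants = catalog_write_grants(role)
    affected = is_affected_version(version)
    restricted = restricted_admin_enabled(env)
    return {"affected_version": affected,
            "restricted_admin": restricted,
            "catalog_write_grants": grants,
            "exposed": affected and restricted and bool(grants)}


# Constructed sample: what a pre-fix global-data Role could look like.
VULNERABLE_ROLE = json.loads("""{
  "kind": "Role",
  "metadata": {"name": "global-data", "namespace": "cattle-global-data"},
  "rules": [
    {"apiGroups": ["management.cattle.io"], "resources": ["catalogs"],
     "verbs": ["get", "list", "watch", "create", "update", "delete"]}
  ]}""")
# Constructed sample: the same Role limited to read verbs.
FIXED_ROLE = json.loads("""{
  "kind": "Role",
  "metadata": {"name": "global-data", "namespace": "cattle-global-data"},
  "rules": [
    {"apiGroups": ["management.cattle.io"], "resources": ["catalogs"],
     "verbs": ["get", "list", "watch"]}
  ]}""")
# Constructed sample: env of a Rancher container bootstrapped in restricted-admin mode.
ENV_RESTRICTED = [{"name": "CATTLE_RESTRICTED_DEFAULT_ADMIN", "value": "true"}]

if __name__ == "__main__":
    for ver, role in (("v2.6.3", VULNERABLE_ROLE), ("v2.6.4", FIXED_ROLE)):
        print(ver, assess(ver, ENV_RESTRICTED, role))
```

The version check alone is not a verdict: a cluster on 2.6.3 without `restrictedAdmin=true` is not exposed by this bug, and a patched cluster can still be exposed if someone later re-added write verbs to `global-data`, which is why the script inspects the live Role rather than trusting the version string.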
OSV
osv · 2022-05-02
CVE-2021-4200 [HIGH] Write access to the catalog for any user when restricted-admin role is enabled in Rancher
The OSV record carries the same Impact text as the GHSA advisory above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.