CVE-2022-21947 — Resource Exposure in Rancher
Severity
8.8HIGHNVD
CNA8.3
EPSS
0.1%
top 73.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 1
Description
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9