CVE-2022-21953
published 2023-02-07CVE-2022-21953: A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster…
PriorityP352high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.47%
37.1th percentile
A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | >= 2.5.0 < 2.5.17 | 2.5.17 |
| github.com | rancher_rancher | >= 2.6.0 < 2.6.10 | 2.6.10 |
| github.com | rancher_rancher | >= 2.7.0 < 2.7.1 | 2.7.1 |
| suse | rancher | >= 2.5.0 < 2.5.17 | 2.5.17 |
| suse | rancher | >= 2.6.0 < 2.6.10 | 2.6.10 |
| suse | rancher | >= 2.7.0 < 2.7.1 | 2.7.1 |
| suse | rancher | >= Rancher < 2.5.17 | 2.5.17 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
ghsa·2023-01-25
CVE-2022-21953 [HIGH] CWE-284 Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
### Impact
An issue was discovered in Rancher where an authorization logic flaw allows an authenticated user on any downstream cluster to (1) open a shell pod in the Rancher `local` cluster and (2) have limited `kubectl` access to it. The expected behavior is that a user does not have such access in the Rancher `local` cluster unless explicitly granted.
This issue does not allow the user to escalate privileges in the `local` cluster directly (this would require another vulnerability to be exploited).
The security issue happens in two different ways:
1. Shell pod access - This is when a user opens a shell pod in the Rancher UI to a downstream cluster that the user has permission to access. The we
OSV
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
osv·2023-01-25
CVE-2022-21953 [HIGH] Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
### Impact
An issue was discovered in Rancher where an authorization logic flaw allows an authenticated user on any downstream cluster to (1) open a shell pod in the Rancher `local` cluster and (2) have limited `kubectl` access to it. The expected behavior is that a user does not have such access in the Rancher `local` cluster unless explicitly granted.
This issue does not allow the user to escalate privileges in the `local` cluster directly (this would require another vulnerability to be exploited).
The security issue happens in two different ways:
1. Shell pod access - This is when a user opens a shell pod in the Rancher UI to a downstream cluster that the user has permission to access. The we
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-02-07
Published