CVE-2022-43755
Published: 2023-02-07
Priority: P3 58 · Severity: critical 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.72% (74.6th percentile)
An Insufficient Entropy vulnerability in SUSE Rancher allows attackers that have gained knowledge of the cattle-token to continue abusing it even after the token was renewed. This issue affects: SUSE Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | >= 2.6.0 < 2.6.10 | 2.6.10 |
| github.com | rancher_rancher | >= 2.7.0 < 2.7.1 | 2.7.1 |
| suse | rancher | >= 2.6.0 < 2.6.10 | 2.6.10 |
| suse | rancher | >= 2.7.0 < 2.7.1 | 2.7.1 |
| suse | rancher | >= Rancher < 2.6.10 | 2.6.10 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| ghsa | | 9.9 | CRITICAL | |
| osv | | 9.9 | CRITICAL | |
GHSA · 2023-01-25 · CVSS 9.9
CVE-2022-43755 [CRITICAL] CWE-330: Rancher cattle-token is predictable
### Impact
An issue was discovered in Rancher versions up to and including 2.6.9 and 2.7.0, where the `cattle-token` secret, used by the `cattle-cluster-agent`, is predictable. Even after the token is regenerated, it will have the same value. This issue is not present in Rancher 2.5 releases.
The `cattle-token` is used by Rancher's `cattle-cluster-agent` to connect to the Kubernetes API of Rancher-provisioned downstream clusters. The problem occurs because the `cattle-token` secret does not use any random value in its composition, which causes it to always be regenerated with the same value. This poses a serious problem if the token is compromised and needs to be recreated for security purposes, since rotating it does not invalidate the value an attacker already holds.
The usage of the `cattle-token` by an unauthorized u
OSV · 2023-01-25 · CVSS 9.9
CVE-2022-43755 [CRITICAL] Rancher cattle-token is predictable
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.