CVE-2023-22650
Published 2024-10-16. CVE-2023-22650: A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider…
Priority: P3 · 53 · high · CVSS 3.1 base score 8.8
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.58% (43.6th percentile)
A vulnerability has been identified in which Rancher does not automatically clean up a user that has been deleted from the configured authentication provider (AP). The same applies to users that the AP has disabled or revoked: Rancher does not reflect these changes, so the user's existing Rancher tokens may remain usable.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | >= 2.7.0 < 2.7.14 | 2.7.14 |
| github.com | rancher_rancher | >= 2.8.0 < 2.8.5 | 2.8.5 |
| suse | rancher | >= 2.7.0 < 2.7.14 | 2.7.14 |
| suse | rancher | >= 2.8.0 < 2.8.5 | 2.8.5 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| NVD | 4.0 | 8.7 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
OSV
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider in github.com/rancher/rancher
osv·2024-06-28
CVE-2023-22650: Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider in github.com/rancher/rancher.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/rancher/rancher from v2.7.0 before v2.7.14, from v2.8.0 before v2.8.5.
GHSA
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
ghsa·2024-06-17
CVE-2023-22650 [HIGH] CWE-287 (Improper Authentication)
### Impact
A vulnerability has been identified in which Rancher does not automatically clean up a user that has been deleted from the configured authentication provider (AP). The same applies to users that the AP has disabled or revoked: Rancher does not reflect these changes, so the user's existing Rancher tokens may remain usable.
An AP must be enabled for a deployment to be affected; the built-in User Management feature (local users) is not affected by this vulnerability.
This issue may lead to an adversary gaining unauthorized access, as the user’s access privileges may still be active within Rancher even though they are no longer valid on the configured AP (please consult the [MITRE ATT&CK - Tec
OSV
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
osv·2024-06-17
CVE-2023-22650 [HIGH] (OSV mirror of the GHSA entry above; same Impact text)
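As an added example (not code from the Rancher project or from the advisory), the following Python script shows how an operator could audit an affected Rancher instance for this condition before upgrading: it cross-references Rancher's user and token records with the set of principals the AP still reports as active, lists the orphaned users together with their still-usable tokens, and emits the revocation steps. The field names (principalIds, userId, expired, the local:// prefix for built-in users) and the remediation paths are assumptions about the Rancher v3 API, and all records below are constructed.

```python
"""Audit for the condition described in CVE-2023-22650: Rancher users whose
principal has been deleted or disabled in the external authentication provider
(AP) but who still exist in Rancher, plus the API tokens that remain usable.

Added example, not Rancher project code. Assumptions (not stated by the advisory):
  * a GET /v3/users record carries "id", "enabled" and "principalIds"; a principal
    of the form "local://..." is the built-in local user, any other scheme
    (github_user://, openldap_user://, ...) comes from the configured AP;
  * a GET /v3/tokens record carries "id", "userId" and "expired";
  * the set of principals still active in the AP is obtained out of band (for
    example from the IdP's own directory export) and passed in by the caller;
  * the sample records below are constructed for this example.
"""
from __future__ import annotations

import json
from dataclasses import dataclass, field

LOCAL_PREFIX = "local://"


@dataclass
class OrphanedUser:
    user_id: str
    rancher_enabled: bool
    ap_principals: list[str]
    live_tokens: list[str] = field(default_factory=list)


def external_principals(user: dict) -> list[str]:
    """Principals that come from the AP; built-in local users have none."""
    return [p for p in user.get("principalIds", []) if not p.startswith(LOCAL_PREFIX)]


def find_orphaned_users(users: list[dict], tokens: list[dict],
                        active_ap_principals: set[str]) -> list[OrphanedUser]:
    """Return AP-backed Rancher users none of whose AP principals is still active.

    A user is orphaned when every external principal has been deleted or disabled
    in the AP. Built-in users are skipped: the advisory says local User Management
    is not affected.
    """
    live_tokens_by_user: dict[str, list[str]] = {}
    for tok in tokens:
        if not tok.get("expired", False):
            live_tokens_by_user.setdefault(tok["userId"], []).append(tok["id"])

    orphans: list[OrphanedUser] = []
    for user in users:
        ext = external_principals(user)
        if not ext:
            continue  # built-in user, out of scope for this issue
        if any(p in active_ap_principals for p in ext):
            continue  # still present and active in the AP
        orphans.append(OrphanedUser(
            user_id=user["id"],
            rancher_enabled=user.get("enabled", True),
            ap_principals=ext,
            live_tokens=live_tokens_by_user.get(user["id"], []),
        ))
    return orphans


def remediation_plan(orphans: list[OrphanedUser]) -> list[tuple[str, str]]:
    """Rancher API calls an operator would issue: revoke every live token first,
    then deactivate the user. Paths assume the v3 API; verify against your version."""
    plan: list[tuple[str, str]] = []
    for o in orphans:
        for tok in o.live_tokens:
            plan.append(("DELETE", f"/v3/tokens/{tok}"))
        if o.rancher_enabled:
            plan.append(("PUT", f"/v3/users/{o.user_id}"))  # body: {"enabled": false}
    return plan


# Constructed sample data shaped like trimmed /v3/users and /v3/tokens records.
SAMPLE_USERS = [
    {"id": "u-admin", "enabled": True, "principalIds": ["local://u-admin"]},
    {"id": "u-alice", "enabled": True,
     "principalIds": ["local://u-alice", "github_user://1001"]},
    {"id": "u-bob", "enabled": True,                       # removed from the GitHub org
     "principalIds": ["local://u-bob", "github_user://1002"]},
    {"id": "u-carol", "enabled": True,                     # account disabled in LDAP
     "principalIds": ["local://u-carol",
                      "openldap_user://uid=carol,ou=people,dc=example,dc=com"]},
]
SAMPLE_TOKENS = [
    {"id": "token-alice1", "userId": "u-alice", "expired": False},
    {"id": "token-bob1", "userId": "u-bob", "expired": False},
    {"id": "token-bob2", "userId": "u-bob", "expired": True},
]
# Principals the AP still reports as active (constructed).
ACTIVE_AP_PRINCIPALS = {"github_user://1001"}


def audit_sample() -> list[OrphanedUser]:
    return find_orphaned_users(SAMPLE_USERS, SAMPLE_TOKENS, ACTIVE_AP_PRINCIPALS)


if __name__ == "__main__":
    found = audit_sample()
    print(json.dumps([o.__dict__ for o in found], indent=2))
    for method, path in remediation_plan(found):
        print(method, path)
```

On the sample data the audit flags u-bob (one live token, one already expired) and u-carol (no tokens but still an enabled Rancher user), and skips u-admin and u-alice. Tokens are revoked before the user is deactivated so that nothing stays usable if the second step fails; the list of active AP principals is the part you must source from the IdP itself, since the whole point of the issue is that Rancher's own records cannot be trusted for it.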
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2024-10-16