
github.com/rancher/rancher vulnerabilities

56 known vulnerabilities affecting github.com/rancher/rancher.

Total CVEs: 56
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 12, HIGH 31, MEDIUM 13

Vulnerabilities

Page 2 of 3
CVE-2023-22648 | P3 | HIGH | affected: ≥ 2.6.7, < 2.6.13; ≥ 2.7.0, < 2.7.4 | 2026-03-03
CVE-2023-22648 [HIGH] CWE-269 Rancher's Azure AD permission changes are not reflected on active sessions
A bug has been identified in which permission changes in Azure AD are not reflected to users while they are logged in to the Rancher UI. This causes users to retain their previous permissions in Rancher even if they change groups on Azure AD, for example to a lower-privileged group, or are removed from a group
Sources: ghsa, osv
CVE-2022-45157 | P3 | HIGH | affected: ≥ 2.9.0, < 2.9.3; ≥ 2.7.0, < 2.8.9 | 2024-10-25
CVE-2022-45157 [HIGH] CWE-522 Exposure of vSphere's CPI and CSI credentials in Rancher
A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability i
Sources: ghsa, osv
CVE-2021-31999 | P3 | HIGH | affected: ≥ 2.0.0, < 2.4.16; ≥ 2.5.0, < 2.5.9 | 2024-04-24
CVE-2021-31999 [HIGH] CWE-807 Rancher privilege escalation vulnerability via malicious "Connection" header
A vulnerability was discovered in Rancher 2.0.0 through the patched versions listed above, where a malicious Rancher user could craft an API request directed at the proxy for the Kubernetes API of a managed cluster to gain access to information they do not have access to. This is done by passing the "Impersonate
Sources: ghsa, osv
CVE-2017-7297 | P3 | HIGH | affected: ≥ 1.5.0, < 1.5.3; ≥ 1.4.0, < 1.4.3 (+2 more) | 2022-05-13
CVE-2017-7297 [HIGH] Rancher Access Control Vulnerability
Rancher Labs rancher/server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.
Sources: ghsa, osv
CVE-2024-58259 | P3 | HIGH | affected: ≥ 2.12.0, < 2.12.1; ≥ 2.11.0, < 2.11.5 (+3 more) | 2025-08-29
CVE-2024-58259 [HIGH] CWE-770 Rancher affected by unauthenticated Denial of Service
A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. A malicious user can exploit this by sending excessively large payloads, which are fully loaded into memory during processing. This could result in: - Denial
Sources: ghsa, osv
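The handler pattern behind this bug class, beside its fix, as an added Go example that is not Rancher's code and does not reproduce any real Rancher route: the unbounded variant reads the whole body before anything checks its size, the bounded variant wraps the body in `http.MaxBytesReader` so the server never holds more than the limit and answers 413. The route path and the 1 MiB limit are assumptions for the example.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// maxBodyBytes is an assumed limit chosen for this example; in a real
// service it is sized to the largest legitimate request the endpoint
// accepts, and may differ between public and authenticated routes.
const maxBodyBytes = 1 << 20 // 1 MiB

// unboundedHandler reproduces the vulnerable pattern: the whole body is read
// into memory before anything checks its size, so the client decides how much
// memory the server commits per request.
func unboundedHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body) // no cap: a multi-gigabyte body is buffered here
	if err != nil {
		http.Error(w, "read error", http.StatusBadRequest)
		return
	}
	var payload map[string]any
	if err := json.Unmarshal(body, &payload); err != nil {
		http.Error(w, "bad json", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// boundedHandler is the hardened form. http.MaxBytesReader wraps the body so
// that any read past maxBodyBytes fails with *http.MaxBytesError; the JSON
// decoder streams from it, so at most maxBodyBytes are ever held, and the
// client gets 413 instead of the server paying for the whole payload.
func boundedHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)
	var payload map[string]any
	if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
		var tooLarge *http.MaxBytesError
		if errors.As(err, &tooLarge) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "bad json", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// post drives a handler with an in-memory request and returns the status
// code, so both variants can be compared without opening a socket. The path
// is a placeholder, not a real Rancher route.
func post(h http.HandlerFunc, body string) int {
	req := httptest.NewRequest(http.MethodPost, "/v3-public/example", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/json")
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code
}

// oversizedJSON is a constructed payload: syntactically valid JSON whose one
// string field pushes the document past maxBodyBytes.
func oversizedJSON() string {
	return `{"pad":"` + strings.Repeat("A", maxBodyBytes+1024) + `"}`
}

func main() {
	small := `{"type":"localProvider"}`
	fmt.Println("unbounded, small:    ", post(unboundedHandler, small))           // 200
	fmt.Println("unbounded, oversized:", post(unboundedHandler, oversizedJSON())) // 200, after buffering it all
	fmt.Println("bounded, small:      ", post(boundedHandler, small))             // 200
	fmt.Println("bounded, oversized:  ", post(boundedHandler, oversizedJSON()))   // 413
}
```

The limit has to sit on the body reader, not on `Content-Length`: a client can omit the length or send chunked encoding, and only a cap on the bytes actually read holds in both cases. Public endpoints deserve the tighter limit, since nothing else rate-limits an unauthenticated caller.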
CVE-2024-58267 | P3 | HIGH | affected: ≥ 2.12.0, < 2.12.2; ≥ 2.11.0, < 2.11.6 (+2 more) | 2025-09-26
CVE-2024-58267 [HIGH] CWE-345 Rancher CLI SAML authentication is vulnerable to phishing attacks
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher's authentication tokens. Rancher Manager deployments without SAML authentication
Sources: ghsa, osv
CVE-2019-12274 | P3 | HIGH | affected: ≥ 2.0.0, < 2.2.4; ≥ 0, < 1.6.27 | 2022-05-24
CVE-2019-12274 [HIGH] CWE-668 Rancher Privilege Escalation Vulnerability
In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.
Sources: ghsa, osv
CVE-2025-23388 | P3 | HIGH | affected: ≥ 2.8.0, < 2.8.13; ≥ 2.9.0, < 2.9.7 (+1 more) | 2025-02-27
CVE-2025-23388 [HIGH] CWE-121 Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
An unauthenticated stack overflow crash, leading to a denial of service (DoS), was identified in Rancher's `/v3-public/authproviders` public API endpoint. A malicious user could submit data to the API which would cause the Rancher server to crash, but no malicious or incorrect data would actuall
Sources: ghsa, osv
CVE-2022-31247 | P3 | CRITICAL | affected: ≥ 2.5.0, < 2.5.16; ≥ 2.6.0, < 2.6.7 | 2026-03-03
CVE-2022-31247 [CRITICAL] CWE-285 Rancher has downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)
An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where a flaw in the authorization logic allows privilege escalation through cluster role template binding (CRTB) and project role template binding
Sources: ghsa, osv
CVE-2021-36778 | P3 | HIGH | affected: ≥ 2.6.0, < 2.6.3; ≥ 2.5.0, < 2.5.12 | 2022-05-02
CVE-2021-36778 [HIGH] CWE-200 Exposure of repository credentials to external third-party sources in Rancher
This issue only happens when the user configures access credentials to a private repository in Rancher inside `Apps & Marketplace > Repositories`. It affects Rancher versions 2.5.0 up to and including 2.5.11 and 2.6.0 up to and including 2.6.2. An insufficient check of the same-origin policy whe
Sources: ghsa, osv
CVE-2026-25705 | P3 | HIGH | affected: ≥ 2.14.0, < 2.14.1; ≥ 2.13.0, < 2.13.5 (+2 more) | 2026-05-07
CVE-2026-25705 [HIGH] CWE-35 Rancher Extensions have arbitrary file access via path traversal
A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected into Rancher through a path traversal in the `compressedEndpoint` field inside a `UIPlugin` deployment. A malicious UI extension could abuse that t
Sources: ghsa
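The check a server should apply before using a client-supplied path such as an endpoint field, as an added Go example that is not Rancher's code and does not reproduce how Rancher handles `compressedEndpoint`: the naive form concatenates the value onto a root directory, the hardened form decodes it once, normalises it and refuses anything that resolves outside the root. The root directory is an assumption for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

// ErrTraversal is returned for any endpoint that would resolve outside the root.
var ErrTraversal = errors.New("endpoint escapes the extension root")

// naiveResolve is the pattern that makes path traversal possible: the
// client-supplied endpoint is glued onto the root, and whatever the kernel
// resolves "../" to is what gets read.
func naiveResolve(root, endpoint string) string {
	return root + "/" + endpoint
}

// resolveUnderRoot maps a client-supplied endpoint onto root and refuses
// anything that would leave it. Checks, in order: percent-decode exactly once
// (so "%2e%2e" is seen as ".."; a doubly encoded "%252e" stays literal and
// must not be decoded again later), reject NUL bytes, reject absolute paths,
// normalise with path.Clean and reject a result that still begins with "..",
// then confirm the joined path is inside root. That last check overlaps the
// one before it on purpose: two independent lines of defense.
func resolveUnderRoot(root, endpoint string) (string, error) {
	decoded, err := url.PathUnescape(endpoint)
	if err != nil {
		return "", fmt.Errorf("undecodable endpoint: %w", err)
	}
	if strings.ContainsRune(decoded, 0) {
		return "", ErrTraversal
	}
	if path.IsAbs(decoded) {
		return "", ErrTraversal
	}
	clean := path.Clean(decoded)
	if clean == "." {
		return "", errors.New("empty endpoint")
	}
	if clean == ".." || strings.HasPrefix(clean, "../") {
		return "", ErrTraversal
	}
	rootClean := path.Clean(root)
	full := path.Join(rootClean, clean)
	if full != rootClean && !strings.HasPrefix(full, rootClean+"/") {
		return "", ErrTraversal
	}
	return full, nil
}

func main() {
	const root = "/var/lib/rancher/extensions" // assumed location for the example
	for _, ep := range []string{
		"my-ext/dist.tar.gz",
		"my-ext/./a/../dist.tar.gz",
		"../../../etc/passwd",
		"my-ext/../../../etc/passwd",
		"%2e%2e/%2e%2e/%2e%2e/etc/passwd",
		"/etc/passwd",
	} {
		safe, err := resolveUnderRoot(root, ep)
		fmt.Printf("%-36q naive=%-48q safe=%q err=%v\n", ep, naiveResolve(root, ep), safe, err)
	}
}
```

The `path` package is used rather than `path/filepath` because the value is a URL-style, slash-separated endpoint; on a Linux server that is also the on-disk separator. If the resolved path is later opened, resolve symlinks as well (for example with `filepath.EvalSymlinks`) and repeat the prefix check, since a symlink inside the root can point outside it.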
CVE-2023-22647 | P3 | CRITICAL | affected: ≥ 2.6.0, < 2.6.13; ≥ 2.7.0, < 2.7.4 | 2023-06-06
CVE-2023-22647 [CRITICAL] CWE-267 Rancher vulnerable to Privilege Escalation via manipulation of Secrets
A vulnerability has been identified which enables [Standard users](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions) or above to elevate their permissions to Administrator in the `l
Sources: ghsa, osv
CVE-2024-58260 | P3 | HIGH | affected: ≥ 2.12.0, < 2.12.2; ≥ 2.11.0, < 2.11.6 (+2 more) | 2025-09-26
CVE-2024-58260 [HIGH] CWE-863 Rancher update on users can deny the service to the admin
A vulnerability has been identified within Rancher Manager where missing server-side validation on the `.username` field allows users with update permissions on other User resources to cause denial of access for targeted accounts. Specifically: - Username takeover: A user with permission to update another user's resource c
Sources: ghsa, osv
CVE-2024-22030 | P3 | HIGH | affected: ≥ 2.7.0, < 2.7.15; ≥ 2.8.0, < 2.8.8 (+1 more) | 2024-09-26
CVE-2024-22030 [HIGH] CWE-295 Rancher agents can be hijacked by taking over the Rancher Server URL
A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to control an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The targeted domain is the
Sources: ghsa, osv
CVE-2021-36784 | P3 | MEDIUM | affected: ≥ 2.6.0, < 2.6.4; ≥ 2.5.0, < 2.5.13 | 2022-05-02
CVE-2021-36784 [MEDIUM] CWE-269 Privilege escalation for users with create/update permissions in Global Roles in Rancher
This vulnerability affects customers who utilize non-admin users that are able to create or edit [Global Roles](https://rancher.com/docs/rancher/v2.6/en/admin-settings/rbac/). The most common use case for this scenario is the [`restricted-admin`](https://rancher.com/docs/ranche
Sources: ghsa, osv
CVE-2024-52281 | P3 | HIGH | affected: ≥ 2.9.0, < 2.9.4 | 2025-01-14
CVE-2024-52281 [HIGH] CWE-79 Rancher UI has Stored Cross-site Scripting vulnerability
A vulnerability has been identified within Rancher UI that allows a malicious actor to perform a Stored XSS attack through the cluster description field. Please consult the associated [MITRE ATT&CK - Technique - Drive-by Compromise](https://attack.mitre.org/techniques/T1189/) for further information about this category of attack.
Sources: ghsa, osv
CVE-2023-32194 | P3 | HIGH | affected: ≥ 2.6.0, < 2.6.14; ≥ 2.7.0, < 2.7.10 (+1 more) | 2024-02-08
CVE-2023-32194 [HIGH] CWE-269 Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'
A vulnerability has been identified when granting a `create` or `*` **global role** for a resource type of "namespaces"; no matter the API group, the subject will receive `*` permissions for core namespaces. This can lead to someone being capable of ac
Sources: ghsa, osv
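The authorization mistake this entry describes belongs to a wider class: matching a rule on the resource name alone, without the API group it belongs to. The following added Go example is not Rancher's code and does not reproduce how Rancher translates a global role into downstream permissions (the page says the effect there is `*` on core namespaces); it shows a simplified rule model in the shape of a Kubernetes PolicyRule, the group-blind check beside the corrected one, and an audit helper that lists which rules in a role genuinely reach core namespaces. The rule set and the `example.custom.io` group are constructed for the example.

```go
package main

import "fmt"

// PolicyRule is a simplified rule in the shape of a Kubernetes RBAC
// PolicyRule: which API groups, which resource kinds, which verbs.
// The core API group is the empty string, as in Kubernetes.
type PolicyRule struct {
	APIGroups []string
	Resources []string
	Verbs     []string
}

// Request is one authorization question: may the subject perform Verb on
// Resource in APIGroup?
type Request struct {
	APIGroup string
	Resource string
	Verb     string
}

// covers reports whether a rule's list names item, with "*" as a wildcard.
func covers(list []string, item string) bool {
	for _, v := range list {
		if v == "*" || v == item {
			return true
		}
	}
	return false
}

// allowedIgnoringGroup reproduces the bug class: the rule is matched on
// resource name and verb only, so a rule written for "namespaces" in some
// custom API group also satisfies a request for core "namespaces".
func allowedIgnoringGroup(rules []PolicyRule, req Request) bool {
	for _, r := range rules {
		if covers(r.Resources, req.Resource) && covers(r.Verbs, req.Verb) {
			return true
		}
	}
	return false
}

// allowed is the corrected check: the rule must also cover the API group the
// request names. A resource name is only meaningful together with its group.
func allowed(rules []PolicyRule, req Request) bool {
	for _, r := range rules {
		if covers(r.APIGroups, req.APIGroup) && covers(r.Resources, req.Resource) && covers(r.Verbs, req.Verb) {
			return true
		}
	}
	return false
}

// coreNamespaceRules is an audit helper: it returns the rules in a role that
// legitimately reach core namespaces (group "" or "*"), so that rules which
// only name "namespaces" under some other group can be told apart from them
// when reviewing roles after an upgrade.
func coreNamespaceRules(rules []PolicyRule) []PolicyRule {
	var out []PolicyRule
	for _, r := range rules {
		if covers(r.APIGroups, "") && covers(r.Resources, "namespaces") {
			out = append(out, r)
		}
	}
	return out
}

// customNamespacesRole is a constructed role: create on "namespaces" in a
// hypothetical CRD group only. It should say nothing about core namespaces.
var customNamespacesRole = []PolicyRule{
	{APIGroups: []string{"example.custom.io"}, Resources: []string{"namespaces"}, Verbs: []string{"create"}},
}

func main() {
	core := Request{APIGroup: "", Resource: "namespaces", Verb: "create"}
	custom := Request{APIGroup: "example.custom.io", Resource: "namespaces", Verb: "create"}
	fmt.Println("group-blind, core namespaces:", allowedIgnoringGroup(customNamespacesRole, core)) // true: the escalation
	fmt.Println("fixed, core namespaces:      ", allowed(customNamespacesRole, core))              // false
	fmt.Println("fixed, custom namespaces:    ", allowed(customNamespacesRole, custom))            // true
	fmt.Println("rules reaching core ns:      ", len(coreNamespaceRules(customNamespacesRole)))    // 0
}
```

Running `coreNamespaceRules` over every global role definition is a quick way to confirm, after patching, that only the roles meant to manage core namespaces still do.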
CVE-2019-6287 | P3 | HIGH | affected: ≥ 2.0.0, < 2.1.6 | 2022-05-13
CVE-2019-6287 [HIGH] CWE-269 Rancher Project Members Have Continued Access to Namespaces After Being Removed From Them
In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it.
Sources: ghsa, osv
CVE-2022-43758 | P3 | MEDIUM | affected: ≥ 2.5.0, < 2.5.17; ≥ 2.6.0, < 2.6.10 (+1 more) | 2023-01-25
CVE-2022-43758 [MEDIUM] CWE-77 Command injection in Rancher Git package
An issue was discovered in Rancher versions 2.5.0 up to and including 2.5.16, 2.6.0 up to and including 2.6.9, and 2.7.0, where a command injection vulnerability is present in the Rancher Git package. This package uses the underlying Git binary available in the Rancher container image to execute Git operations. Specially crafted commands, when not properly disambigua
Sources: ghsa, osv
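How to hand untrusted positional values (a remote URL, a ref name) to a git binary so that they cannot be read as options, as an added Go example that is not Rancher's code and does not reproduce the Rancher Git package: values beginning with "-" are refused, "--" is placed before the positionals so git stops option parsing there, the process is started without a shell, and `-c protocol.ext.allow=never` disables the `ext::` remote helper that would otherwise run a command named in a URL. The subcommand and URL in `main` are illustrative; `runGit` needs a git binary and network access, so it is defined but not exercised.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"os/exec"
	"strings"
	"time"
)

// ErrOptionLike is returned when a value that should be a positional argument
// (a URL, a ref name) starts with "-" and could be parsed by git as an option.
var ErrOptionLike = errors.New("positional git argument looks like an option")

// gitArgs builds argv for one git subcommand whose positional arguments come
// from an untrusted source. The "-c protocol.ext.allow=never" prefix, the
// leading-dash check and the "--" separator each close a separate way of
// turning a positional value into code or into an option.
func gitArgs(subcmd string, positionals ...string) ([]string, error) {
	if subcmd == "" || strings.HasPrefix(subcmd, "-") {
		return nil, fmt.Errorf("%w: %q", ErrOptionLike, subcmd)
	}
	args := []string{"-c", "protocol.ext.allow=never", subcmd, "--"}
	for _, p := range positionals {
		if p == "" || strings.HasPrefix(p, "-") {
			return nil, fmt.Errorf("%w: %q", ErrOptionLike, p)
		}
		if strings.ContainsAny(p, "\x00\n") {
			return nil, fmt.Errorf("invalid byte in git argument %q", p)
		}
		args = append(args, p)
	}
	return args, nil
}

// runGit executes the argv from gitArgs without a shell: exec.Command passes
// each element as its own argv entry, so there is no quoting layer to abuse.
// The timeout is an assumed value for the example.
func runGit(ctx context.Context, args []string) ([]byte, error) {
	ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
	defer cancel()
	return exec.CommandContext(ctx, "git", args...).CombinedOutput()
}

func main() {
	// A ref name beginning with "-" is the classic option-injection input:
	// without the checks it would reach git as "--upload-pack=...".
	for _, ref := range []string{"refs/heads/main", "--upload-pack=touch /tmp/pwned"} {
		args, err := gitArgs("ls-remote", "https://github.com/rancher/rancher.git", ref)
		fmt.Printf("%-36q -> args=%q err=%v\n", ref, args, err)
	}
}
```

Rejecting leading dashes and adding "--" overlap deliberately: "--" is honoured by git subcommands that use its standard option parser, while the prefix check also covers values that end up in positions where "--" does not apply (for example a URL handed to a remote helper).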
CVE-2023-32197 | P3 | CRITICAL | affected: ≥ 2.7.0, < 2.8.9; ≥ 2.9.0, < 2.9.3 | 2024-10-25
CVE-2023-32197 [CRITICAL] CWE-269 Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists
A vulnerability has been identified whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACLs), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files, which could lead to privilege escalation.
Sources: ghsa