CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22036 – Rancher Remote Code Execution via Cluster/Node Drivers
https://notcve.org/view.php?id=CVE-2024-22036
16 Apr 2025 — A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. This issue affects rancher:... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036 • CWE-269: Improper Privilege Management •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52281 – Stored Cross-site Scripting vulnerability in Rancher UI
https://notcve.org/view.php?id=CVE-2024-52281
16 Apr 2025 — A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field. This issue affects rancher: from 2.9.0 before 2.9.4. A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field. This issue affects rancher: from 2.9.0 before 2.9.4. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52281 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52282 – Rancher Helm Applications may have sensitive values leaked
https://notcve.org/view.php?id=CVE-2024-52282
11 Apr 2025 — A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowing any users with GET access to the Rancher Manager Apps Catalog to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. This issue affects rancher: from 2.8.0 before 2.8.10, from 2.9.0 before 2.9.4. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52282 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23387 – Rancher's SAML-based login via CLI can be denied by unauthenticated users
https://notcve.org/view.php?id=CVE-2025-23387
11 Apr 2025 — A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowed unauthenticated users to list all CLI authentication tokens and delete them before the CLI is able to get the token value.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23387 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23388 – Unauthenticated stack overflow in /v3-public/authproviders API
https://notcve.org/view.php?id=CVE-2025-23388
11 Apr 2025 — A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23388 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23389 – Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
https://notcve.org/view.php?id=CVE-2025-23389
11 Apr 2025 — A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389 • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23391 – Rancher: Restricted Administrator can change Administrator's passwords
https://notcve.org/view.php?id=CVE-2025-23391
11 Apr 2025 — A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4. A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 befor... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23391 • CWE-266: Incorrect Privilege Assignment •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-45157 – Exposure of vSphere's CPI and CSI credentials in Rancher
https://notcve.org/view.php?id=CVE-2022-45157
13 Nov 2024 — A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2022-45157 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22030 – Rancher agents can be hijacked by taking over the Rancher Server URL
https://notcve.org/view.php?id=CVE-2024-22030
16 Oct 2024 — A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The targeted domain is the one used as the Rancher URL. Se ha identificado una vulnerabilidad en Rancher que puede explotarse en circunstancias específicas mediante un ataque de intermediario (MITM). Un atacante tendría... • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22030 • CWE-295: Improper Certificate Validation •