How severe is CVE-2021-31999?

CVE-2021-31999 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-31999

Name: rancher
Author: rancher

8.8HIGH

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group

Опубликовано: 7/15/2021Обновлено: 11/21/2024

Описание

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16.

ИИ-АнализНа базе ИИ

Затронутые продукты

rancherrancher

Ссылки

https://bugzilla.suse.com/show_bug.cgi?id=1187084
Issue TrackingRelease NotesThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1187084
Issue TrackingRelease NotesThird Party Advisory