How severe is CVE-2021-31999?

CVE-2021-31999 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-31999

Name: rancher
Author: rancher

8.8HIGH

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group

发布于: 7/15/2021更新于: 11/21/2024

描述

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16.

AI分析AI驱动

受影响产品

rancherrancher

参考资料

https://bugzilla.suse.com/show_bug.cgi?id=1187084
Issue TrackingRelease NotesThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1187084
Issue TrackingRelease NotesThird Party Advisory