CVE-2022-21947

A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
References
Link Resource
https://bugzilla.suse.com/show_bug.cgi?id=1197491 Issue Tracking Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1197491 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:suse:rancher_desktop:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:45

Type Values Removed Values Added
CVSS v2 : 5.8
v3 : 8.8
v2 : 5.8
v3 : 8.3
References () https://bugzilla.suse.com/show_bug.cgi?id=1197491 - Issue Tracking, Third Party Advisory () https://bugzilla.suse.com/show_bug.cgi?id=1197491 - Issue Tracking, Third Party Advisory

06 Jul 2023, 15:15

Type Values Removed Values Added
Summary A Improper Access Control vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.

27 Jun 2023, 19:01

Type Values Removed Values Added
CWE CWE-284 CWE-668

Information

Published : 2022-04-01 07:15

Updated : 2024-11-21 06:45


NVD link : CVE-2022-21947

Mitre link : CVE-2022-21947

CVE.ORG link : CVE-2022-21947


JSON object : View

Products Affected

suse

  • rancher_desktop
CWE
CWE-668

Exposure of Resource to Wrong Sphere