In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it.
References
Link | Resource |
---|---|
https://rancher.com/blog/2019/2019-01-29-explaining-security-vulnerabilities-addressed-in-rancher-v2-1-6-and-v2-0-11/ | Vendor Advisory |
https://forums.rancher.com/c/announcements | Vendor Advisory |
Configurations
Information
Published : 2019-04-10 08:29
Updated : 2022-04-13 16:44
NVD link : CVE-2019-6287
Mitre link : CVE-2019-6287
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
suse
- rancher