CVE-2021-36784: Improper Privilege Management

May 2, 2022

A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.

References

github.com/advisories/GHSA-jwvr-vv7p-gpwq
github.com/rancher/rancher/releases/tag/v2.5.13
github.com/rancher/rancher/releases/tag/v2.6.4
github.com/rancher/rancher/security/advisories/GHSA-jwvr-vv7p-gpwq

Detect and mitigate CVE-2021-36784 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →