Vulnerability Details CVE-2022-21947
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 8.3
CVSS v2 Score 5.8
References
Products affected by CVE-2022-21947
-
cpe:2.3:a:suse:rancher_desktop:-
-
cpe:2.3:a:suse:rancher_desktop:0.1.0
-
cpe:2.3:a:suse:rancher_desktop:0.2.0
-
cpe:2.3:a:suse:rancher_desktop:0.2.1
-
cpe:2.3:a:suse:rancher_desktop:0.3.0
-
cpe:2.3:a:suse:rancher_desktop:0.4.0
-
cpe:2.3:a:suse:rancher_desktop:0.4.1
-
cpe:2.3:a:suse:rancher_desktop:0.6.0
-
cpe:2.3:a:suse:rancher_desktop:0.6.1
-
cpe:2.3:a:suse:rancher_desktop:0.7.0
-
cpe:2.3:a:suse:rancher_desktop:0.7.1
-
cpe:2.3:a:suse:rancher_desktop:1.0.0
-
cpe:2.3:a:suse:rancher_desktop:1.1.0
-
cpe:2.3:a:suse:rancher_desktop:1.1.1
-
cpe:2.3:a:suse:rancher_desktop:1.2.0