Vulnerability Details CVE-2022-21953
A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.0%
CVSS Severity
CVSS v3 Score 7.4
References
Products affected by CVE-2022-21953
-
cpe:2.3:a:suse:rancher:2.5.0
-
cpe:2.3:a:suse:rancher:2.5.1
-
cpe:2.3:a:suse:rancher:2.5.10
-
cpe:2.3:a:suse:rancher:2.5.11
-
cpe:2.3:a:suse:rancher:2.5.12
-
cpe:2.3:a:suse:rancher:2.5.13
-
cpe:2.3:a:suse:rancher:2.5.2
-
cpe:2.3:a:suse:rancher:2.5.3
-
cpe:2.3:a:suse:rancher:2.5.4
-
cpe:2.3:a:suse:rancher:2.5.5
-
cpe:2.3:a:suse:rancher:2.5.6
-
cpe:2.3:a:suse:rancher:2.5.7
-
cpe:2.3:a:suse:rancher:2.5.8
-
cpe:2.3:a:suse:rancher:2.5.9
-
cpe:2.3:a:suse:rancher:2.6.0
-
cpe:2.3:a:suse:rancher:2.6.1
-
cpe:2.3:a:suse:rancher:2.6.2
-
cpe:2.3:a:suse:rancher:2.6.3
-
cpe:2.3:a:suse:rancher:2.6.4
-
cpe:2.3:a:suse:rancher:2.7.0