cvelistv5 - cve-2021-36782

CVE-2021-36782 (GCVE-0-2021-36782)

Vulnerability from cvelistv5 – Published: 2022-09-07 08:20 – Updated: 2024-09-17 04:14

Title

Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object

Summary

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.

Severity ?

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-312 - Cleartext Storage of Sensitive Information

Assigner

suse

References

URL

Tags

	https://bugzilla.suse.com/show_bug.cgi?id=1193988	x_refsource_CONFIRM
	https://github.com/rancher/rancher/security/advis…	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

SUSE

Rancher

Affected: Rancher , < 2.5.16 (custom)

SUSE

Rancher

Affected: Rancher , < 2.6.7 (custom)

Credits

Florian Struck (from Continum AG) and Marco Stuurman (from Shock Media B.V.)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:01:59.069Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Rancher",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.16",
              "status": "affected",
              "version": "Rancher",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Rancher",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.6.7",
              "status": "affected",
              "version": "Rancher",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Florian Struck (from Continum AG) and Marco Stuurman (from Shock Media B.V.)"
        }
      ],
      "datePublic": "2022-08-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312: Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-07T08:20:15",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
        "defect": [
          "1193988"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2022-08-19T00:00:00.000Z",
          "ID": "CVE-2021-36782",
          "STATE": "PUBLIC",
          "TITLE": "Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Rancher",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Rancher",
                            "version_value": "2.5.16"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Rancher",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Rancher",
                            "version_value": "2.6.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Florian Struck (from Continum AG) and Marco Stuurman (from Shock Media B.V.)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-312: Cleartext Storage of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
            },
            {
              "name": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f",
              "refsource": "CONFIRM",
              "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
          "defect": [
            "1193988"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-36782",
    "datePublished": "2022-09-07T08:20:16.064791Z",
    "dateReserved": "2021-07-19T00:00:00",
    "dateUpdated": "2024-09-17T04:14:05.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.5.0\", \"versionEndExcluding\": \"2.5.16\", \"matchCriteriaId\": \"0F219B91-5B6F-460A-A75F-93555ECF2C1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.0\", \"versionEndExcluding\": \"2.6.7\", \"matchCriteriaId\": \"B45FC83F-E91A-4872-996E-72685FBD0AA3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Almacenamiento en Texto sin Cifrar de Informaci\\u00f3n confidencial en SUSE Rancher permite a propietarios de cl\\u00fasteres, los miembros de cl\\u00fasteres, los propietarios de proyectos, los miembros de proyectos y la base de usuarios autenticados usar la API de Kubernetes para recuperar una versi\\u00f3n en texto sin cifrar de datos confidenciales. Este problema afecta a: SUSE Rancher versiones anteriores a 2.5.16; Rancher versiones anteriores a 2.6.7\"}]",
      "id": "CVE-2021-36782",
      "lastModified": "2024-11-21T06:14:05.320",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"meissner@suse.de\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.9, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.9, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 6.0}]}",
      "published": "2022-09-07T09:15:08.397",
      "references": "[{\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1193988\", \"source\": \"meissner@suse.de\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f\", \"source\": \"meissner@suse.de\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1193988\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "meissner@suse.de",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"meissner@suse.de\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-312\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-36782\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2022-09-07T09:15:08.397\",\"lastModified\":\"2024-11-21T06:14:05.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Almacenamiento en Texto sin Cifrar de Informaci\u00f3n confidencial en SUSE Rancher permite a propietarios de cl\u00fasteres, los miembros de cl\u00fasteres, los propietarios de proyectos, los miembros de proyectos y la base de usuarios autenticados usar la API de Kubernetes para recuperar una versi\u00f3n en texto sin cifrar de datos confidenciales. Este problema afecta a: SUSE Rancher versiones anteriores a 2.5.16; Rancher versiones anteriores a 2.6.7\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-312\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.5.0\",\"versionEndExcluding\":\"2.5.16\",\"matchCriteriaId\":\"0F219B91-5B6F-460A-A75F-93555ECF2C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.0\",\"versionEndExcluding\":\"2.6.7\",\"matchCriteriaId\":\"B45FC83F-E91A-4872-996E-72685FBD0AA3\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1193988\",\"source\":\"meissner@suse.de\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f\",\"source\":\"meissner@suse.de\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1193988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]}]}}"
  }
}

FKIE_CVE-2021-36782

Vulnerability from fkie_nvd - Published: 2022-09-07 09:15 - Updated: 2024-11-21 06:14

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

References

URL	Tags
meissner@suse.de	https://bugzilla.suse.com/show_bug.cgi?id=1193988	Exploit, Issue Tracking, Mitigation, Vendor Advisory
meissner@suse.de	https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f	Exploit, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.suse.com/show_bug.cgi?id=1193988	Exploit, Issue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f	Exploit, Mitigation, Third Party Advisory

Impacted products

	Vendor	Product	Version
	suse	rancher	*
	suse	rancher	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F219B91-5B6F-460A-A75F-93555ECF2C1A",
              "versionEndExcluding": "2.5.16",
              "versionStartIncluding": "2.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B45FC83F-E91A-4872-996E-72685FBD0AA3",
              "versionEndExcluding": "2.6.7",
              "versionStartIncluding": "2.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Almacenamiento en Texto sin Cifrar de Informaci\u00f3n confidencial en SUSE Rancher permite a propietarios de cl\u00fasteres, los miembros de cl\u00fasteres, los propietarios de proyectos, los miembros de proyectos y la base de usuarios autenticados usar la API de Kubernetes para recuperar una versi\u00f3n en texto sin cifrar de datos confidenciales. Este problema afecta a: SUSE Rancher versiones anteriores a 2.5.16; Rancher versiones anteriores a 2.6.7"
    }
  ],
  "id": "CVE-2021-36782",
  "lastModified": "2024-11-21T06:14:05.320",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "meissner@suse.de",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-07T09:15:08.397",
  "references": [
    {
      "source": "meissner@suse.de",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
    },
    {
      "source": "meissner@suse.de",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
    }
  ],
  "sourceIdentifier": "meissner@suse.de",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "meissner@suse.de",
      "type": "Secondary"
    }
  ]
}

GHSA-G7J7-H4Q8-8W2F

Vulnerability from github – Published: 2022-09-23 18:11 – Updated: 2022-09-23 18:11

Summary

Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials

Details

Impact

An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where sensitive fields, like passwords, API keys and Rancher's service account token (used to provision clusters), were stored in plaintext directly on Kubernetes objects like Clusters, for example cluster.management.cattle.io. Anyone with read access to those objects in the Kubernetes API could retrieve the plaintext version of those sensitive data.

The exposed credentials are visible in Rancher to authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base on the endpoints: - /v1/management.cattle.io.catalogs - /v1/management.cattle.io.cluster - /v1/management.cattle.io.clustertemplates - /v1/management.cattle.io.notifiers - /v1/project.cattle.io.sourcecodeproviderconfig - /k8s/clusters/local/apis/management.cattle.io/v3/catalogs - /k8s/clusters/local/apis/management.cattle.io/v3/clusters - /k8s/clusters/local/apis/management.cattle.io/v3/clustertemplates - /k8s/clusters/local/apis/management.cattle.io/v3/notifiers - /k8s/clusters/local/apis/project.cattle.io/v3/sourcecodeproviderconfigs

Sensitive fields are now stripped from Clusters and other objects and moved to a Secret before the object is stored. The Secret is retrieved when the credential is needed. For objects that existed before this security fix, a one-time migration happens on startup.

Important: - The exposure of Rancher's serviceAccountToken allows any standard user to escalate its privileges to cluster administrator in Rancher. - For the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity and availability is dependent on the permissions that the leaked credentials have on their own services.

The fields that have been addressed by this security fix are:

Notifier.SMTPConfig.Password
Notifier.WechatConfig.Secret
Notifier.DingtalkConfig.Secret
Catalog.Spec.Password
SourceCodeProviderConfig.GithubPipelineConfig.ClientSecret
SourceCodeProviderConfig.GitlabPipelineConfig.ClientSecret
SourceCodeProviderConfig.BitbucketCloudPipelineConfig.ClientSecret
SourceCodeProviderConfig.BitbucketServerPipelineConfig.PrivateKey
Cluster.Spec.RancherKubernetesEngineConfig.BackupConfig.S3BackupConfig.SecretKey
Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries.Password
Cluster.Spec.RancherKubernetesEngineConfig.Network.WeaveNetworkProvider.Password
Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.Global.Password
Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.VirtualCenter.Password
Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.OpenstackCloudProvider.Global.Password
Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientSecret
Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientCertPassword
Cluster.Status.ServiceAccountToken
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.PrivateRegistries.Password
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.Network.WeaveNetworkProvider.Password
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.Global.Password
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.VirtualCenter.Password
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.OpenstackCloudProvider.Global.Password
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientSecret
ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientCertPassword

Patches

Patched versions include releases 2.5.16, 2.6.7 and later versions.

After upgrading to a patched version, it is important to check for the SecretsMigrated condition on Clusters, ClusterTemplates, and Catalogs to confirm when secrets have been fully migrated off of those objects and the objects scoped within them (Notifiers and SourceCodeProviderConfigs).

Workarounds

Limit access in Rancher to trusted users. There is not a direct mitigation besides upgrading to the patched Rancher versions.

Important: - It is highly advised to rotate Rancher's serviceAccountToken. This rotation is not done by the version upgrade. Please see the helper script below. - The local and downstream clusters should be checked for potential unrecognized services (pods), users and API keys. - It is recommended to review for potential leaked credentials in this scenario, that are not directly related to Rancher, and to change them if deemed necessary.

The script available in rancherlabs/support-tools/rotate-tokens repository can be used as a helper to rotate the service account token (used to provision clusters). The script requires a valid Rancher API token, kubectl access to the local cluster and the jq command.

Credits

We would like to recognize and appreciate Florian Struck (from Continum AG) and Marco Stuurman (from Shock Media B.V.) for the responsible disclosure of this security issue.

For more information

If you have any questions or comments about this advisory: * Reach out to SUSE Rancher Security team for security related inquiries. * Open an issue in Rancher repository. * Verify our support matrix and product support lifecycle.

Severity ?

9.9 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/rancher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/rancher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-36782"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-23T18:11:28Z",
    "nvd_published_at": "2022-09-07T09:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\nAn issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where sensitive fields, like passwords, API keys and Rancher\u0027s service account token (used to provision clusters), were stored in plaintext directly on Kubernetes objects like `Clusters`, for example `cluster.management.cattle.io`. Anyone with read access to those objects in the Kubernetes API could retrieve the plaintext version of those sensitive data.\n\nThe exposed credentials are visible in Rancher to authenticated `Cluster Owners`, `Cluster Members`, `Project Owners`, `Project Members` and `User Base` on the endpoints:\n- `/v1/management.cattle.io.catalogs`\n- `/v1/management.cattle.io.cluster`\n- `/v1/management.cattle.io.clustertemplates`\n- `/v1/management.cattle.io.notifiers`\n- `/v1/project.cattle.io.sourcecodeproviderconfig`\n- `/k8s/clusters/local/apis/management.cattle.io/v3/catalogs`\n- `/k8s/clusters/local/apis/management.cattle.io/v3/clusters`\n-  `/k8s/clusters/local/apis/management.cattle.io/v3/clustertemplates`\n- `/k8s/clusters/local/apis/management.cattle.io/v3/notifiers`\n- `/k8s/clusters/local/apis/project.cattle.io/v3/sourcecodeproviderconfigs`\n\nSensitive fields are now stripped from `Clusters` and other objects and moved to a `Secret` before the object is stored. The `Secret` is retrieved when the credential is needed. For objects that existed before this security fix, a one-time migration happens on startup.\n\n**Important:**\n- The exposure of Rancher\u0027s `serviceAccountToken` allows any standard user to escalate its privileges to cluster administrator in Rancher.\n- For the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity and availability is dependent on the permissions that the leaked credentials have on their own services.\n\nThe fields that have been addressed by this security fix are:\n\n- `Notifier.SMTPConfig.Password`\n- `Notifier.WechatConfig.Secret`\n- `Notifier.DingtalkConfig.Secret`\n- `Catalog.Spec.Password`\n- `SourceCodeProviderConfig.GithubPipelineConfig.ClientSecret`\n- `SourceCodeProviderConfig.GitlabPipelineConfig.ClientSecret`\n- `SourceCodeProviderConfig.BitbucketCloudPipelineConfig.ClientSecret`\n- `SourceCodeProviderConfig.BitbucketServerPipelineConfig.PrivateKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.BackupConfig.S3BackupConfig.SecretKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries.Password`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Network.WeaveNetworkProvider.Password`\n- `Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.Global.Password`\n- `Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.VirtualCenter.Password`\n- `Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.OpenstackCloudProvider.Global.Password`\n- `Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientSecret`\n- `Cluster.Spec.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientCertPassword`\n- `Cluster.Status.ServiceAccountToken`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.PrivateRegistries.Password`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.Network.WeaveNetworkProvider.Password`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.Global.Password`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.VsphereCloudProvider.VirtualCenter.Password`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.OpenstackCloudProvider.Global.Password`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientSecret`\n- `ClusterTemplate.Spec.ClusterConfig.RancherKubernetesEngineConfig.CloudProvider.AzureCloudProvider.AADClientCertPassword`\n\n### Patches\nPatched versions include releases 2.5.16, 2.6.7 and later versions.\n\nAfter upgrading to a patched version, it is important to check for the `SecretsMigrated` condition on `Clusters`, `ClusterTemplates`, and `Catalogs` to confirm when secrets have been fully migrated off of those objects and the objects scoped within them (`Notifiers` and `SourceCodeProviderConfigs`).\n\n### Workarounds\nLimit access in Rancher to trusted users. There is not a direct mitigation besides upgrading to the patched Rancher versions.\n\n**Important:**\n- It is highly advised to rotate Rancher\u0027s `serviceAccountToken`. This rotation is not done by the version upgrade. Please see the helper script below.\n- The local and downstream clusters should be checked for potential unrecognized services (pods), users and API keys.\n- It is recommended to review for potential leaked credentials in this scenario, that are not directly related to Rancher, and to change them if deemed necessary.\n\nThe script available in [rancherlabs/support-tools/rotate-tokens](https://github.com/rancherlabs/support-tools/blob/master/rotate-tokens) repository can be used as a helper to rotate the service account token (used to provision clusters). The script requires a valid Rancher API token, `kubectl` access to the `local` cluster and the `jq` command.\n\n### Credits\nWe would like to recognize and appreciate Florian Struck (from [Continum AG](https://www.continum.net/)) and [Marco Stuurman](https://github.com/fe-ax) (from [Shock Media B.V.](https://www.shockmedia.nl)) for the responsible disclosure of this security issue.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Reach out to [SUSE Rancher Security team](https://github.com/rancher/rancher/security/policy) for security related inquiries.\n* Open an issue in [Rancher](https://github.com/rancher/rancher/issues/new/choose) repository.\n* Verify our [support matrix](https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/) and [product support lifecycle](https://www.suse.com/lifecycle/).",
  "id": "GHSA-g7j7-h4q8-8w2f",
  "modified": "2022-09-23T18:11:28Z",
  "published": "2022-09-23T18:11:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36782"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rancher/rancher"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials"
}

GSD-2021-36782

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-36782

Aliases

CVE-2021-36782

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-36782",
    "description": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.",
    "id": "GSD-2021-36782",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-36782.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-36782"
      ],
      "details": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.",
      "id": "GSD-2021-36782",
      "modified": "2023-12-13T01:23:16.927035Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@suse.com",
        "DATE_PUBLIC": "2022-08-19T00:00:00.000Z",
        "ID": "CVE-2021-36782",
        "STATE": "PUBLIC",
        "TITLE": "Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Rancher",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "Rancher",
                          "version_value": "2.5.16"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Rancher",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "Rancher",
                          "version_value": "2.6.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SUSE"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Florian Struck (from Continum AG) and Marco Stuurman (from Shock Media B.V.)"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-312: Cleartext Storage of Sensitive Information"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
          },
          {
            "name": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f",
            "refsource": "CONFIRM",
            "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
          }
        ]
      },
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
        "defect": [
          "1193988"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=2.5.0 \u003c2.5.16||\u003e=2.6.0 \u003c2.6.7",
          "affected_versions": "All versions starting from 2.5.0 before 2.5.16, all versions starting from 2.6.0 before 2.6.7",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-312",
            "CWE-937"
          ],
          "date": "2022-09-23",
          "description": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.",
          "fixed_versions": [
            "2.5.16",
            "2.6.7"
          ],
          "identifier": "CVE-2021-36782",
          "identifiers": [
            "GHSA-g7j7-h4q8-8w2f",
            "CVE-2021-36782"
          ],
          "not_impacted": "All versions before 2.5.0, all versions starting from 2.5.16 before 2.6.0, all versions starting from 2.6.7",
          "package_slug": "go/github.com/rancher/rancher",
          "pubdate": "2022-09-23",
          "solution": "Upgrade to versions 2.5.16, 2.6.7 or above.",
          "title": "Cleartext Storage of Sensitive Information",
          "urls": [
            "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f",
            "https://nvd.nist.gov/vuln/detail/CVE-2021-36782",
            "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
            "https://github.com/advisories/GHSA-g7j7-h4q8-8w2f"
          ],
          "uuid": "798694fa-fd66-4f6d-88da-efd1fce62982"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.6.7",
                "versionStartIncluding": "2.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.5.16",
                "versionStartIncluding": "2.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "ID": "CVE-2021-36782"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-312"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1193988",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193988"
            },
            {
              "name": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Mitigation",
                "Third Party Advisory"
              ],
              "url": "https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.1,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2023-01-18T14:29Z",
      "publishedDate": "2022-09-07T09:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-36782 (GCVE-0-2021-36782)

FKIE_CVE-2021-36782

GHSA-G7J7-H4Q8-8W2F

Impact

Patches

Workarounds

Credits

For more information

GSD-2021-36782

Tags

Sightings

Nomenclature