CVE-2019-6287

CVE-2019-6287

EPSS 1.0%

In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://forums.rancher.com/c/announcements https://rancher.com/blog/2019/2019-01-29-explaining-security-vulnerabilities-addressed-in-rancher-v2-1-6-and-v2-0-11/