← voltar
CVE-2022-21947

rancher desktop: Dashboard API is network accessible

CVSS 8.3 HIGHEPSS 0.6%CWE-668
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Produtos afetados
SUSE · Rancher

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.suse.com/show_bug.cgi?id=1197491