Headline
CVE-2021-36778: Invalid Bug ID
A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.
‘1191466?cve=title’ is not a valid bug number nor an alias to a bug.
Please press Back and try again.
Related news
### Impact This issue only happens when the user configures access credentials to a private repository in Rancher inside `Apps & Marketplace > Repositories`. It affects Rancher versions 2.5.0 up to and including 2.5.11 and from 2.6.0 up to and including 2.6.2. An insufficient check of the same-origin policy when downloading Helm charts from a configured private repository can lead to exposure of the repository credentials to a third-party provider. This exposure happens when the private repository: 1. Does an HTTP redirect to a third-party repository or external storage provider. 2. Downloads an icon resource for the chart hosted on a third-party provider. The address of the private repository is not leaked, only the credentials are leaked in the HTTP `Authorization` header in base64 format. With the patched versions, the default behavior now is to only send the private repository credentials when subdomain or domain hostname match when following the redirect or downloading externa...