CVE-2022-21953
A Missing Authorization vulnerability in SUSE Rancher allows an authenticated user to create an unauthorized shell pod and obtain kubectl access in the local cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
Related news
### Impact

An issue was discovered in Rancher where an authorization logic flaw allows an authenticated user on any downstream cluster to (1) open a shell pod in the Rancher `local` cluster and (2) have limited `kubectl` access to it. The expected behavior is that a user does not have such access in the Rancher `local` cluster unless explicitly granted. This issue does not allow the user to escalate privileges in the `local` cluster directly (this would require another vulnerability to be exploited).

The security issue happens in two different ways:

1. Shell pod access
   - This is when a user opens a shell pod in the Rancher UI to a downstream cluster that the user has permission to access. The web request can be intercepted using the browser's web inspector/network console or a proxy tool to change the shell's destination to the Rancher `local` cluster instead of the desired downstream cluster.
   - This flaw cannot be exploited to access a downstream cluster that the user has no p...