CVE-2021-25320

A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

CVSS v3 9.9 CRITICAL
CVSS v2.0 4.0 MEDIUM

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1185514	Issue Tracking Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rancher:rancher::::::::
	cpe:2.3:a:rancher:rancher::::::::

History

25 Oct 2022, 18:09

Type	Values Removed	Values Added
CWE	~~CWE-284~~	NVD-CWE-Other

05 Aug 2021, 15:00

Type	Values Removed	Values Added
References	~~(CONFIRM) https://bugzilla.suse.com/show_bug.cgi?id=1185514 -~~	(CONFIRM) https://bugzilla.suse.com/show_bug.cgi?id=1185514 - Issue Tracking, Third Party Advisory
CWE		CWE-284
CPE		cpe:2.3:a:rancher:rancher::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.0 v3 : 9.9

15 Jul 2021, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-07-15 09:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-25320

Mitre link : CVE-2021-25320

CVE.ORG link : CVE-2021-25320

JSON object : View

Products Affected

rancher

rancher

CWE

NVD-CWE-Other CWE-284

Improper Access Control

{"id": "CVE-2021-25320", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}, {"type": "Secondary", "source": "meissner@suse.de", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2021-07-15T09:15:08.143", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1185514", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "meissner@suse.de"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "meissner@suse.de", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16."}, {"lang": "es", "value": "Una vulnerabilidad de Control de Acceso Inapropiado en Rancher, permite a usuarios del cluster hacer peticiones a los proveedores de la nube al crear peticiones con el ID de la credencial de la nube. Rancher en este caso adjuntar\u00eda las credenciales solicitadas sin m\u00e1s comprobaciones. Este problema afecta a: Versiones de Rancher anteriores a 2.5.9; versiones de Rancher anteriores a 2.4.16"}], "lastModified": "2022-10-25T18:09:39.017", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rancher:rancher:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F2398D-29ED-4CD4-A229-186EF99BB4E8", "versionEndExcluding": "2.4.16"}, {"criteria": "cpe:2.3:a:rancher:rancher:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67B096D9-719A-43C1-8B49-AF0C09A30715", "versionEndExcluding": "2.5.9", "versionStartIncluding": "2.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "meissner@suse.de"}