CVE-2023-22648

A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or are removed from a group, thus retaining their access to Rancher instead of losing it. This issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22648	Issue Tracking Vendor Advisory
https://github.com/rancher/rancher/security/advisories/GHSA-vf6j-6739-78m8	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:suse:rancher::::::::
	cpe:2.3:a:suse:rancher::::::::

History

05 Oct 2023, 16:27

Type	Values Removed	Values Added
CWE	~~CWE-384~~	NVD-CWE-Other

09 Jun 2023, 17:23

Type	Values Removed	Values Added
First Time		Suse rancher Suse
References	~~(MISC) https://github.com/rancher/rancher/security/advisories/GHSA-vf6j-6739-78m8 -~~	(MISC) https://github.com/rancher/rancher/security/advisories/GHSA-vf6j-6739-78m8 - Vendor Advisory
References	~~(MISC) https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22648 -~~	(MISC) https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22648 - Issue Tracking, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:a:suse:rancher::::::::
CWE	~~CWE-269~~	CWE-384

01 Jun 2023, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-01 13:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-22648

Mitre link : CVE-2023-22648

CVE.ORG link : CVE-2023-22648

JSON object : View

Products Affected

suse

rancher

CWE

NVD-CWE-Other CWE-269

Improper Privilege Management

{"id": "CVE-2023-22648", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "meissner@suse.de", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.1}]}, "published": "2023-06-01T13:15:10.553", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22648", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "meissner@suse.de"}, {"url": "https://github.com/rancher/rancher/security/advisories/GHSA-vf6j-6739-78m8", "tags": ["Vendor Advisory"], "source": "meissner@suse.de"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "meissner@suse.de", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users \nwhile they are logged in the Rancher UI. This would cause the users to \nretain their previous permissions in Rancher, even if they change groups\n on Azure AD, for example, to a lower privileged group, or are removed \nfrom a group, thus retaining their access to Rancher instead of losing \nit.\nThis issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4.\n\n"}], "lastModified": "2023-10-05T16:27:57.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73DA4714-217D-4F50-B3C6-E60FA9389946", "versionEndExcluding": "2.6.13", "versionStartIncluding": "2.6.7"}, {"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82B60ABA-3389-45F0-9F45-4D4D0D4738BC", "versionEndExcluding": "2.7.4", "versionStartIncluding": "2.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "meissner@suse.de"}