A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5.
References
Link | Resource |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=1199443 | Issue Tracking Third Party Advisory |
https://github.com/rancher/rancher/security/advisories/GHSA-vrph-m5jj-c46c | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: suse
Published: 2022-05-25T00:00:00
Updated: 2023-07-26T14:44:47.345Z
Reserved: 2021-12-16T00:00:00
Link: CVE-2022-21951
JSON object: View
NVD Information
Status : Modified
Published: 2022-05-25T09:15:08.167
Modified: 2023-07-26T15:15:09.833
Link: CVE-2022-21951
JSON object: View
Redhat Information
No data.
CWE