CVE-2022-31247 - OpenCVE

An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Rancher

Configuration 1 [-]

OR	cpe:2.3:a:suse:rancher::::::::
	cpe:2.3:a:suse:rancher::::::::

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1199730	Exploit Issue Tracking Mitigation Vendor Advisory
https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg	Exploit Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: suse

Published: 2022-08-19T00:00:00

Updated: 2022-09-07T08:20:17

Reserved: 2022-05-20T00:00:00

Link: CVE-2022-31247

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-07T09:15:08.747

Modified: 2023-03-29T18:39:35.600

Link: CVE-2022-31247

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Rancher", "vendor": "SUSE", "versions": [{"lessThan": "2.6.7", "status": "affected", "version": "Rancher", "versionType": "custom"}]}, {"product": "Rancher", "vendor": "SUSE", "versions": [{"lessThan": "2.5.16", "status": "affected", "version": "Rancher", "versionType": "custom"}]}], "datePublic": "2022-08-19T00:00:00", "descriptions": [{"lang": "en", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285: Improper Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-07T08:20:17", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "defect": ["1199730"], "discovery": "INTERNAL"}, "title": "Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2022-08-19T00:00:00.000Z", "ID": "CVE-2022-31247", "STATE": "PUBLIC", "TITLE": "Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Rancher", "version": {"version_data": [{"version_affected": "<", "version_name": "Rancher", "version_value": "2.6.7"}]}}, {"product_name": "Rancher", "version": {"version_data": [{"version_affected": "<", "version_name": "Rancher", "version_value": "2.5.16"}]}}]}, "vendor_name": "SUSE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285: Improper Authorization"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"name": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg", "refsource": "CONFIRM", "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "defect": ["1199730"], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2022-31247", "datePublished": "2022-08-19T00:00:00", "dateReserved": "2022-05-20T00:00:00", "dateUpdated": "2022-09-07T08:20:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F219B91-5B6F-460A-A75F-93555ECF2C1A", "versionEndExcluding": "2.5.16", "versionStartIncluding": "2.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "matchCriteriaId": "B45FC83F-E91A-4872-996E-72685FBD0AA3", "versionEndExcluding": "2.6.7", "versionStartIncluding": "2.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}, {"lang": "es", "value": "Una vulnerabilidad de autorizaci\u00f3n inapropiada en SUSE Rancher, permite a cualquier usuario que tenga permisos para crear/editar enlaces de plantillas de roles de cl\u00faster o enlaces de plantillas de roles de proyecto (como propietario de cl\u00faster, administrar miembros de cl\u00faster, propietario de proyecto y administrar miembros de proyecto) obtener permiso de propietario en otro proyecto en el mismo cl\u00faster o en otro proyecto en un cl\u00faster descendente diferente. Este problema afecta a: SUSE Rancher versiones anteriores a 2.6.7; Rancher versiones anteriores a 2.5.16"}], "id": "CVE-2022-31247", "lastModified": "2023-03-29T18:39:35.600", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2022-09-07T09:15:08.747", "references": [{"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"source": "meissner@suse.de", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "meissner@suse.de", "type": "Secondary"}]}