CVE-2021-25318

Summary

A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9 ; Rancher versions prior to 2.4.16.

Affected Software

VendorProductVersion RangeStatus
RancherRancherRancher < 2.5.9affected
RancherRancherRancher < 2.4.16affected

Weaknesses

  • CWE-732: CWE-732: Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CVE Program Container

Additional References

References