CVE-2026-44947
6.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N
Summary
A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | Rancher | 2.13.0 < 2.13.7 | affected |
| SUSE | Rancher | 2.14.0 < 2.14.3 | affected |
Weaknesses
- CWE-281: CWE-281 Improper preservation of permissions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.