Rancher · Rancher Server · CVE-2017-7297
**Name of the Vulnerable Software and Affected Versions**
Rancher Labs rancher server versions 1.2.0 through 1.2.3
Rancher Labs rancher server versions 1.3.0 through 1.3.4
Rancher Labs rancher server versions 1.4.0 through 1.4.2
Rancher Labs rancher server versions 1.5.0 through 1.5.2
**Description**
The issue allows authenticated users to disable access control via an API call.
**Recommendations**
For versions 1.2.0 through 1.2.3, update to rancher/server:v1.2.4.
For versions 1.3.0 through 1.3.4, update to rancher/server:v1.3.5.
For versions 1.4.0 through 1.4.2, update to rancher/server:v1.4.3.
For versions 1.5.0 through 1.5.2, update to rancher/server:v1.5.3.
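
The version ranges and upgrade targets above can be checked against a list of deployed image references. The following is an added example, not part of the original advisory or Rancher's own tooling; the function names, status labels and sample inventory are assumptions made for illustration.

```python
import re

# Affected ranges and fixed releases, copied from the advisory above:
# (major, minor) -> (first affected patch, last affected patch, fixed patch)
AFFECTED = {
    (1, 2): (0, 3, 4),
    (1, 3): (0, 4, 5),
    (1, 4): (0, 2, 3),
    (1, 5): (0, 2, 3),
}

# rancher/server with optional registry prefix, tag and digest.
IMAGE_RE = re.compile(r"^(?:.+/)?rancher/server(?::(?P<tag>[^/@]+))?(?:@.+)?$")
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def check_image(ref):
    """Return (status, recommended_image) for one image reference.

    status: 'affected', 'not-listed' (version outside the advisory's ranges),
    'unknown' (tag does not state an exact release) or 'not-rancher-server'.
    """
    m = IMAGE_RE.match(ref.strip())
    if not m:
        return ("not-rancher-server", None)
    v = VERSION_RE.match(m.group("tag") or "")
    if not v:
        # latest, pre-release tags, untagged or digest-only references:
        # the running version must be confirmed another way.
        return ("unknown", None)
    major, minor, patch = map(int, v.groups())
    rng = AFFECTED.get((major, minor))
    if rng and rng[0] <= patch <= rng[1]:
        return ("affected", f"rancher/server:v{major}.{minor}.{rng[2]}")
    return ("not-listed", None)


def audit(refs):
    """Map each affected reference to the release the advisory recommends."""
    return {r: fix for r in refs
            for status, fix in [check_image(r)] if status == "affected"}


# Constructed sample inventory (hypothetical hosts and registry name).
SAMPLE_INVENTORY = [
    "rancher/server:v1.2.3",
    "registry.example.internal:5000/rancher/server:v1.5.2",
    "rancher/server:v1.4.3",
    "rancher/server:latest",
    "rancher/agent:v1.2.0",
]

if __name__ == "__main__":
    for ref, fix in audit(SAMPLE_INVENTORY).items():
        print(f"{ref}: affected by CVE-2017-7297, update to {fix}")
```

References reported as `unknown` (for example `latest`) need the running server version confirmed directly before they can be ruled in or out.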