PT-2017-17643 · Rancher · Rancher Server

Will-Chan

Publicado

2017-03-29

Atualizado

2024-08-20

CVE-2017-7297

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Rancher Labs rancher server versions 1.2.0 through 1.2.3 Rancher Labs rancher server versions 1.3.0 through 1.3.4 Rancher Labs rancher server versions 1.4.0 through 1.4.2 Rancher Labs rancher server versions 1.5.0 through 1.5.2

Description The issue allows authenticated users to disable access control via an API call.

Recommendations For versions 1.2.0 through 1.2.3, update to rancher/server:v1.2.4. For versions 1.3.0 through 1.3.4, update to rancher/server:v1.3.5. For versions 1.4.0 through 1.4.2, update to rancher/server:v1.4.3. For versions 1.5.0 through 1.5.2, update to rancher/server:v1.5.3.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-7297

GHSA-W3X4-9854-95X8

GO-2023-1973

Produtos afetados

Rancher Server

PT-2017-17643 · Rancher · Rancher Server

CVE-2017-7297

Identificadores relacionados

Produtos afetados

Referências · 10