Suse · Suse Rancher Desktop · CVE-2022-21947
**Name of the Vulnerable Software and Affected Versions**
SUSE Rancher Desktop versions prior to V.
**Description**
A vulnerability in SUSE Rancher Desktop allows attackers in the local network to connect to the "Dashboard API (steve)" to carry out arbitrary actions due to improper access control.
**Recommendations**
For SUSE Rancher Desktop versions prior to V, consider restricting access to the Dashboard API as a temporary workaround until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.