CVE-2019-13209

Name of the Vulnerable Software and Affected Versions Rancher versions 2 through 2.2.4

Description The issue allows an exploiter to perform a Cross-Site Websocket Hijacking attack, gaining access to clusters managed by Rancher. This attack requires a victim to be logged into a Rancher server and then access a third-party site hosted by the exploiter. Once accomplished, the exploiter can execute commands against the cluster's Kubernetes API with the permissions and identity of the victim.

Recommendations For versions 2 through 2.2.4, update to a version later than 2.2.4 to resolve the issue. As a temporary workaround, consider restricting access to the Kubernetes API to minimize the risk of exploitation. Avoid accessing third-party sites while logged into a Rancher server until the issue is resolved.