PT-2026-55201 · Suse · Rancher Fleet

Radisauskas Arnoldas · Published 2026-07-01 · Updated 2026-07-02 · CVE-2026-44935

CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

SUSE Rancher Fleet versions prior to 0.15.2
SUSE Rancher Fleet versions prior to 0.14.6
SUSE Rancher Fleet versions prior to 0.13.11
SUSE Rancher Fleet versions prior to 0.12.15

Description

Missing validation of valuesFrom references in the Helm Deployer allows tenants in multi-tenancy environments to bypass restrictions and access config maps or secrets across all namespaces on downstream clusters. An attacker can use valuesFrom within a fleet.yaml (via a GitRepo resource) or a HelmOp resource to read secret contents if the name, namespace, and key are known or guessed. Additionally, unauthorized users can create cluster-wide resources using HelmOp or Bundle, because the deployment is not restricted to a specific service account for the Fleet agent.

Recommendations

Upgrade SUSE Rancher Fleet to version 0.15.2 or later.
Upgrade SUSE Rancher Fleet to version 0.14.6 or later.
Upgrade SUSE Rancher Fleet to version 0.13.11 or later.
Upgrade SUSE Rancher Fleet to version 0.12.15 or later.
As a temporary workaround, ensure that tenants do not share access to the same downstream clusters.
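Until the upgrade is rolled out, an operator can at least find existing manifests that reference config maps or secrets outside the namespace a tenant owns. The audit script below is an added example written for this advisory, not code from the Fleet project or the advisory's author. It assumes manifests have already been loaded with a YAML library into Python dicts, that a tenant's valuesFrom references should stay inside that tenant's own namespace (an assumed policy, not something the advisory states), and that the valuesFrom layout is `helm.valuesFrom[].secretKeyRef` / `configMapKeyRef` with `name`, `namespace` and `key`, which is how the Fleet fleet.yaml and HelmOp documentation describe it as I understand it; treat those field names as an assumption to check against your Fleet version. The sample manifests are constructed.

```python
"""Audit Fleet manifests (fleet.yaml, HelmOp, Bundle) for valuesFrom entries
that point at config maps or secrets in another namespace.

Added example; not Fleet project code. Field names and the "own namespace
only" policy are assumptions (see lead-in).
"""
from dataclasses import dataclass
from typing import Any, Iterator

# The two reference shapes Fleet's helm.valuesFrom accepts (assumed field names).
REF_KINDS = ("secretKeyRef", "configMapKeyRef")


@dataclass(frozen=True)
class Finding:
    source: str      # "fleet.yaml" or "<kind>/<name>" for a HelmOp/Bundle object
    ref_kind: str    # secretKeyRef or configMapKeyRef
    name: str
    namespace: str
    key: str
    reason: str


def _helm_section(doc: dict) -> dict:
    """fleet.yaml keeps `helm` at top level; HelmOp/Bundle keep it under spec.helm."""
    if "spec" in doc:
        return (doc.get("spec") or {}).get("helm") or {}
    return doc.get("helm") or {}


def _source_label(doc: dict, fallback: str) -> str:
    kind = doc.get("kind")
    name = (doc.get("metadata") or {}).get("name")
    return f"{kind}/{name}" if kind and name else fallback


def iter_values_from(doc: dict) -> Iterator[tuple[str, dict]]:
    """Yield (ref_kind, ref_dict) for every valuesFrom entry in the manifest."""
    for entry in _helm_section(doc).get("valuesFrom") or []:
        for ref_kind in REF_KINDS:
            if ref_kind in entry:
                yield ref_kind, entry[ref_kind] or {}


def audit_values_from(doc: dict, tenant_namespace: str, source: str = "fleet.yaml") -> list[Finding]:
    """Flag references that name a namespace other than the tenant's own.

    An entry without an explicit namespace is not flagged here: how Fleet
    resolves it depends on the Fleet version, so that case is left to the
    reader to confirm against their deployment.
    """
    findings: list[Finding] = []
    label = _source_label(doc, source)
    for ref_kind, ref in iter_values_from(doc):
        name = str(ref.get("name") or "")
        ns = str(ref.get("namespace") or "")
        key = str(ref.get("key") or "")
        if not name or not key:
            findings.append(Finding(label, ref_kind, name, ns, key, "incomplete reference (missing name or key)"))
        elif ns and ns != tenant_namespace:
            findings.append(Finding(label, ref_kind, name, ns, key,
                                    f"references namespace {ns!r} outside tenant namespace {tenant_namespace!r}"))
    return findings


# Constructed sample manifests (already parsed from YAML into dicts).
SAMPLE_FLEET_YAML: dict[str, Any] = {
    "helm": {
        "chart": "./chart",
        "valuesFrom": [
            {"configMapKeyRef": {"name": "app-values", "namespace": "team-a", "key": "values.yaml"}},
            {"secretKeyRef": {"name": "db-credentials", "namespace": "other-tenant", "key": "values.yaml"}},
        ],
    }
}

SAMPLE_HELMOP: dict[str, Any] = {
    "apiVersion": "fleet.cattle.io/v1alpha1",
    "kind": "HelmOp",
    "metadata": {"name": "team-a-app", "namespace": "team-a"},
    "spec": {"helm": {"valuesFrom": [
        {"secretKeyRef": {"name": "api-token", "namespace": "platform-secrets", "key": "token"}},
    ]}},
}


def main() -> None:
    for doc in (SAMPLE_FLEET_YAML, SAMPLE_HELMOP):
        for f in audit_values_from(doc, tenant_namespace="team-a"):
            print(f"{f.source}: {f.ref_kind} {f.namespace}/{f.name}[{f.key}] -> {f.reason}")


if __name__ == "__main__":
    main()
```

Run it over the parsed output of every GitRepo's fleet.yaml plus every HelmOp and Bundle object in a tenant's namespace; a finding means a tenant-authored manifest names a namespace it should not be able to read, which is exactly the situation the fixed Fleet releases reject and the workaround above is meant to contain.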

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2026-44935
GHSA-XR65-5CPM-G36X

Affected Products

Rancher Fleet