PT-2026-55201 · Suse · Rancher Fleet
Radisauskas Arnoldas · Published 2026-07-01 · Updated 2026-07-02
CVE-2026-44935
CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SUSE Rancher Fleet versions prior to 0.15.2
SUSE Rancher Fleet versions prior to 0.14.6
SUSE Rancher Fleet versions prior to 0.13.11
SUSE Rancher Fleet versions prior to 0.12.15
Description
Missing validation of valuesFrom references in the Helm Deployer allows tenants in multi-tenancy environments to bypass restrictions and access config maps or secrets across all namespaces on downstream clusters. An attacker can use valuesFrom within a fleet.yaml (via a GitRepo resource) or a HelmOp resource to read secret contents if the name, namespace, and key are known or guessed. Additionally, unauthorized users can create cluster-wide resources using HelmOp or Bundle without being restricted to a specific service account for the Fleet agent.
Recommendations
Upgrade SUSE Rancher Fleet to version 0.15.2 or later.
Upgrade SUSE Rancher Fleet to version 0.14.6 or later.
Upgrade SUSE Rancher Fleet to version 0.13.11 or later.
Upgrade SUSE Rancher Fleet to version 0.12.15 or later.
As a temporary workaround, ensure that tenants do not have shared access to the same downstream clusters.
Fix
Incorrect Authorization
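As an added example (not code from this advisory or from the Rancher Fleet project), the following Python audit helper turns the two actionable facts above into checks a cluster operator can run: whether a Fleet version is at or past the fixed release for its line, and whether a HelmOp resource or fleet.yaml document carries valuesFrom references that point at config maps or secrets outside the namespace a tenant is allowed to use. The field layout (spec.helm.valuesFrom on a HelmOp, top-level helm.valuesFrom in fleet.yaml, each entry holding a configMapKeyRef or secretKeyRef with name, namespace and key) is assumed from Fleet's documented fleet.yaml format and should be checked against the release in use; the sample manifests are constructed, and the tenant-a and tenant-b namespaces are placeholders.

```python
"""Defender-side audit helper for CVE-2026-44935 (SUSE Rancher Fleet).

Added example, not code from the advisory or the Fleet project. It assumes
Fleet's documented valuesFrom layout: a list of entries, each holding a
configMapKeyRef or secretKeyRef with name, namespace and key.
"""
import json
import re
from typing import Iterable, List, Set

# Fixed patch level per 0.x minor line, as listed in the advisory.
FIXED_PATCH = {12: 15, 13: 11, 14: 6, 15: 2}


def is_fixed(version: str) -> bool:
    """True when `version` is at or above the fixed release for its line.

    Lines older than 0.12 are treated as affected, because the advisory
    lists every version prior to 0.12.15 as vulnerable.
    """
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Fleet version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    if major > 0 or minor > 15:
        return True  # newer than every line the advisory covers
    if minor < 12:
        return False  # everything before 0.12.15 is listed as affected
    return patch >= FIXED_PATCH[minor]


def _values_from(doc: dict) -> Iterable[dict]:
    """Return the valuesFrom list of a HelmOp (spec.helm) or a fleet.yaml
    document (top-level helm); empty when neither is present."""
    helm = (doc.get("spec") or {}).get("helm") or doc.get("helm") or {}
    return helm.get("valuesFrom") or []


def cross_namespace_refs(doc: dict, allowed: Set[str]) -> List[dict]:
    """Report every secret/configmap reference a tenant should not hold.

    A reference whose namespace is outside `allowed` is reported with
    reason "outside-allowed". A reference with no namespace at all is
    reported with reason "no-namespace": where it resolves depends on
    Fleet's defaulting, so it needs a manual look rather than a pass.
    """
    findings = []
    for entry in _values_from(doc):
        for kind in ("configMapKeyRef", "secretKeyRef"):
            ref = entry.get(kind)
            if not ref:
                continue
            ns = ref.get("namespace")
            if ns is None:
                reason = "no-namespace"
            elif ns not in allowed:
                reason = "outside-allowed"
            else:
                continue
            findings.append({
                "kind": kind,
                "name": ref.get("name"),
                "namespace": ns,
                "key": ref.get("key"),
                "reason": reason,
            })
    return findings


# Constructed sample: a HelmOp owned by tenant-a that reaches into tenant-b.
SAMPLE_HELMOP = json.loads("""
{
  "apiVersion": "fleet.cattle.io/v1alpha1",
  "kind": "HelmOp",
  "metadata": {"name": "tenant-a-app", "namespace": "tenant-a"},
  "spec": {"helm": {"chart": "example-chart", "valuesFrom": [
    {"configMapKeyRef": {"name": "app-values", "namespace": "tenant-a", "key": "values.yaml"}},
    {"secretKeyRef": {"name": "db-credentials", "namespace": "tenant-b", "key": "values.yaml"}}
  ]}}
}
""")

# Constructed sample: a parsed fleet.yaml whose secret reference omits the namespace.
SAMPLE_FLEET_YAML = {
    "namespace": "tenant-a",
    "helm": {"chart": "./chart", "valuesFrom": [
        {"secretKeyRef": {"name": "tls-values", "key": "values.yaml"}},
    ]},
}


if __name__ == "__main__":
    for v in ("0.15.1", "0.15.2", "0.14.6", "0.11.9"):
        print(v, "fixed" if is_fixed(v) else "AFFECTED")
    for name, doc in (("HelmOp", SAMPLE_HELMOP), ("fleet.yaml", SAMPLE_FLEET_YAML)):
        for f in cross_namespace_refs(doc, {"tenant-a"}):
            print(f"{name}: {f['kind']} {f['namespace']}/{f['name']} ({f['reason']})")
```

In practice the manifests come from the management cluster (for example each item of `kubectl get helmops -A -o json`, or each tenant's fleet.yaml checked out from its GitRepo), with `allowed` set to the namespaces that tenant is entitled to on the downstream cluster. Running the audit before the upgrade shows which tenants currently depend on cross-namespace references; running it afterwards confirms that none remain that would have relied on the missing validation.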
Related Identifiers
Affected Products
Rancher Fleet