A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.
                
            References
                    | Link | Resource | 
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1193988 | Exploit Issue Tracking Mitigation Vendor Advisory | 
| https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f | Exploit Mitigation Third Party Advisory | 
| https://bugzilla.suse.com/show_bug.cgi?id=1193988 | Exploit Issue Tracking Mitigation Vendor Advisory | 
| https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f | Exploit Mitigation Third Party Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    21 Nov 2024, 06:14
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://bugzilla.suse.com/show_bug.cgi?id=1193988 - Exploit, Issue Tracking, Mitigation, Vendor Advisory | |
| References | () https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f - Exploit, Mitigation, Third Party Advisory | 
10 Sep 2022, 02:34
| Type | Values Removed | Values Added | 
|---|---|---|
| CVSS | v2 : v3 : | v2 : unknown v3 : 6.5 | 
| CPE | cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:* | |
| References | (CONFIRM) https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f - Exploit, Mitigation, Third Party Advisory | |
| References | (CONFIRM) https://bugzilla.suse.com/show_bug.cgi?id=1193988 - Exploit, Issue Tracking, Mitigation, Vendor Advisory | 
07 Sep 2022, 09:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2022-09-07 09:15
Updated : 2024-11-21 06:14
NVD link : CVE-2021-36782
Mitre link : CVE-2021-36782
CVE.ORG link : CVE-2021-36782
JSON object : View
Products Affected
                suse
- rancher
CWE
                
                    
                        
                        CWE-312
                        
            Cleartext Storage of Sensitive Information
