A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.
                
            References
                    | Link | Resource | 
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1193988 | Exploit Issue Tracking Mitigation Vendor Advisory | 
| https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f | Exploit Mitigation Third Party Advisory | 
| https://bugzilla.suse.com/show_bug.cgi?id=1193988 | Exploit Issue Tracking Mitigation Vendor Advisory | 
| https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f | Exploit Mitigation Third Party Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2022-09-07 09:15
Updated : 2024-11-21 06:14
NVD link : CVE-2021-36782
Mitre link : CVE-2021-36782
CVE.ORG link : CVE-2021-36782
JSON object : View
Products Affected
                suse
- rancher
CWE
                
                    
                        
                        CWE-312
                        
            Cleartext Storage of Sensitive Information
