CVE-2022-31247 - Vulnerability Details - OpenCVE

An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Suse	Rancher

Configuration 1 [-]

OR	cpe:2.3:a:suse:rancher::::::::
	cpe:2.3:a:suse:rancher::::::::

No data.

References

Link	Providers
https://bugzilla.suse.com/show_bug.cgi?id=1199730
https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg

History

No history.

MITRE

Status: PUBLISHED

Assigner: suse

Published: 2022-09-07T08:20:18.025806Z

Updated: 2024-09-16T19:52:12.881Z

Reserved: 2022-05-20T00:00:00

Link: CVE-2022-31247

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-07T09:15:08.747

Modified: 2024-11-21T07:04:12.897

Link: CVE-2022-31247

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Rancher", "vendor": "SUSE", "versions": [{"lessThan": "2.6.7", "status": "affected", "version": "Rancher", "versionType": "custom"}]}, {"product": "Rancher", "vendor": "SUSE", "versions": [{"lessThan": "2.5.16", "status": "affected", "version": "Rancher", "versionType": "custom"}]}], "datePublic": "2022-08-19T00:00:00", "descriptions": [{"lang": "en", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285: Improper Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-07T08:20:17", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "defect": ["1199730"], "discovery": "INTERNAL"}, "title": "Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2022-08-19T00:00:00.000Z", "ID": "CVE-2022-31247", "STATE": "PUBLIC", "TITLE": "Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Rancher", "version": {"version_data": [{"version_affected": "<", "version_name": "Rancher", "version_value": "2.6.7"}]}}, {"product_name": "Rancher", "version": {"version_data": [{"version_affected": "<", "version_name": "Rancher", "version_value": "2.5.16"}]}}]}, "vendor_name": "SUSE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285: Improper Authorization"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"name": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg", "refsource": "CONFIRM", "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199730", "defect": ["1199730"], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:11:39.936Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}]}]}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2022-31247", "datePublished": "2022-09-07T08:20:18.025806Z", "dateReserved": "2022-05-20T00:00:00", "dateUpdated": "2024-09-16T19:52:12.881Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F219B91-5B6F-460A-A75F-93555ECF2C1A", "versionEndExcluding": "2.5.16", "versionStartIncluding": "2.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*", "matchCriteriaId": "B45FC83F-E91A-4872-996E-72685FBD0AA3", "versionEndExcluding": "2.6.7", "versionStartIncluding": "2.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16."}, {"lang": "es", "value": "Una vulnerabilidad de autorizaci\u00f3n inapropiada en SUSE Rancher, permite a cualquier usuario que tenga permisos para crear/editar enlaces de plantillas de roles de cl\u00faster o enlaces de plantillas de roles de proyecto (como propietario de cl\u00faster, administrar miembros de cl\u00faster, propietario de proyecto y administrar miembros de proyecto) obtener permiso de propietario en otro proyecto en el mismo cl\u00faster o en otro proyecto en un cl\u00faster descendente diferente. Este problema afecta a: SUSE Rancher versiones anteriores a 2.6.7; Rancher versiones anteriores a 2.5.16"}], "id": "CVE-2022-31247", "lastModified": "2024-11-21T07:04:12.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "meissner@suse.de", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-07T09:15:08.747", "references": [{"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"source": "meissner@suse.de", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199730"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "meissner@suse.de", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}