CVE-2021-36775

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-36775

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36775.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-36775

Aliases

Published

2022-04-04T13:15:07.467Z

Modified

2026-03-13T05:06:29.774710Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions prior to 2.4.18; Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

References

https://bugzilla.suse.com/show_bug.cgi?id=1189120

Affected packages

Git / github.com/rancher/rancher

Affected ranges

Type

GIT

Repo

https://github.com/rancher/rancher

Events

Introduced

Fixed

cd0f57ed70205390ffd713b5fa0086fd4699abff

Introduced

65f3525cdc1167872af4140d45f3153698450c52

Fixed

c5f7295f6f105b3b21daac066c3b05616b81ec68

Introduced

df2432ad895c9d6be0e47e0d6d62a4c3dc8f08e5

Fixed

3c1d5fac32482f00828bec2a4eda39a431a4dbe4

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.4.18"
        },
        {
            "introduced": "2.5.0"
        },
        {
            "fixed": "2.5.12"
        },
        {
            "introduced": "2.6.0"
        },
        {
            "fixed": "2.6.3"
        }
    ]
}

Affected versions

v2.*

v2.5.0

v2.5.0-rc9

v2.5.1

v2.5.1-rc1

v2.5.10

v2.5.10-rc1

v2.5.10-rc2

v2.5.10-rc3

v2.5.10-rc4

v2.5.10-rc5

v2.5.10-rc6

v2.5.10-rc7

v2.5.12-rc1

v2.5.12-rc2

v2.5.12-rc3

v2.5.12-rc4

v2.5.12-rc5

v2.5.12-rc6

v2.5.12-rc7

v2.5.2

v2.5.2-rc

v2.5.2-rc1

v2.5.2-rc10

v2.5.2-rc2

v2.5.2-rc3

v2.5.2-rc4

v2.5.2-rc5

v2.5.2-rc6

v2.5.2-rc7

v2.5.2-rc8

v2.5.2-rc9

v2.5.4

v2.5.4-rc1

v2.5.4-rc2

v2.5.4-rc3

v2.5.4-rc4

v2.5.4-rc5

v2.5.4-rc6

v2.5.4-rc7

v2.5.4-rc8

v2.5.4-rc9

v2.5.6

v2.5.6-rc1

v2.5.6-rc2

v2.5.6-rc3

v2.5.6-rc4

v2.5.6-rc5

v2.5.6-rc6

v2.5.6-rc7

v2.5.6-rc8

v2.5.6-rc9

v2.5.8

v2.5.8-rc10

v2.5.8-rc11

v2.5.8-rc12

v2.5.8-rc13

v2.5.8-rc14

v2.5.8-rc15

v2.5.8-rc16

v2.5.8-rc17

v2.5.8-rc18

v2.5.8-rc19

v2.5.8-rc2

v2.5.8-rc20

v2.5.8-rc21

v2.5.8-rc3

v2.5.8-rc4

v2.5.8-rc5

v2.5.8-rc6

v2.5.8-rc7

v2.5.8-rc8

v2.5.8-rc9

v2.6.0

v2.6.0-rc10

v2.6.1

v2.6.1-harvester1

v2.6.1-harvester2

v2.6.1-rc1

v2.6.1-rc10

v2.6.1-rc11

v2.6.1-rc12

v2.6.1-rc13

v2.6.1-rc2

v2.6.1-rc3

v2.6.1-rc4

v2.6.1-rc5

v2.6.1-rc6

v2.6.1-rc7

v2.6.1-rc8

v2.6.1-rc9

v2.6.3-rc1

v2.6.3-rc10

v2.6.3-rc2

v2.6.3-rc3

v2.6.3-rc4

v2.6.3-rc5

v2.6.3-rc6

v2.6.3-rc7

v2.6.3-rc8

v2.6.3-rc9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36775.json"