A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| github.com/rancher/rancher(Go) | 2.8.0 | 2.8.13 | N/A |
| github.com/rancher/rancher(Go) | 2.9.0 | 2.9.7 | N/A |
| github.com/rancher/rancher(Go) | 2.10.0 | 2.10.3 | N/A |
CVSS Metrics
