Overview
- Description
- A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which may leave the user’s tokens still usable.
- Source
- meissner@suse.de
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
CVE-2023-22650 (CVSS:8.8, HIGH) is Awaiting Analysis. A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from ..https://t.co/tj6FI2NEqg #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
21 Oct 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2023-22650: HIGH] Rancher vulnerability alert: Deleted, disabled, or revoked users not automatically cleaned up, leaving potential security risks. Ensure user access is properly managed for cyber security.#cybersecurity,#vulnerability https://t.co/9vYuvAenyP https://t.co/bk0
@CveFindCom
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-22650 A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). T… https://t.co/p5RkKTri1x
@CVEnew
440 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes