ГлавнаяУязвимости → CVE-2026-41053
8.8высокая

CVE-2026-41053

Описание

Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

Затрагиваемое ПО
Suse Rancher
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/rancher/rancher/security/advisories/GHSA-4j6x-2764-m8gh