admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-42xx/CVE-2021-4200.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

142 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-4200",
"sourceIdentifier": "meissner@suse.de",
"published": "2022-05-02T12:16:26.337",
"lastModified": "2024-11-21T06:37:07.997",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4."
},
{
"lang": "es",
"value": "Una vulnerabilidad de administraci\u00f3n de privilegios inapropiada en SUSE Rancher permite el acceso de escritura al cat\u00e1logo para cualquier usuario cuando el rol de administrador restringido est\u00e1 habilitado. Este problema afecta a: SUSE Rancher versiones anteriores a 2.5.13; Rancher versiones anteriores a 2.6.4"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "meissner@suse.de",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"baseScore": 5.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "meissner@suse.de",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.13",
"matchCriteriaId": "042B44D6-9BAF-43EC-9111-08EBFCB4CC5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.4",
"matchCriteriaId": "E7C8176B-46C4-46C9-9909-5937C13FEB3C"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1193992",
"source": "meissner@suse.de",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1193992",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink