- Description
- An Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4.
- Source
- meissner@suse.de
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- meissner@suse.de
- CWE-266
🚨 CVE-2025-23391 ⚠️🔴 CRITICAL (9.1) 🏢 SUSE - rancher 🏗️ 2.8.0 🔗 https://t.co/R42tUOCRrV 🔗 https://t.co/gfuNoxUFnN #CyberCron #VulnAlert #InfoSec https://t.co/G0twKyqSSP
@cybercronai
11 Apr 2025
Critical Rancher flaw (CVE-2025-23391) allows admin account takeover—update immediately to prevent cluster compromise. Details: https://t.co/2yHfbqxTvJ #CyberSecurity #Kubernetes
@adriananglin
3 Apr 2025