CNNVD-202509-197 Information

CNNVD ID

CNNVD-202509-197

Related CVE

CVE-2024-52284

• CNNVD Published: 2025-09-02

Description (Chinese)

Rancher是美国Rancher开源的一个开源容器管理平台，专为在生产环境中部署容器的组织而构建。 Rancher存在安全漏洞，该漏洞源于BundleDeployment资源权限不当，可能导致敏感数据泄露。

Description (English)

Rancher, an open-source container management platform at Rancher Open Source, United States, was built specifically for the organization that deployed containers in the production environment. Rancher had a security loophole, which stemmed from the improper authority of the Bundle Deproyment resources, which could lead to the disclosure of sensitive data.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Rancher

Published

2025-09-02

Last Modified

2026-02-24

References

https://github.com/advisories/GHSA-6h9x-9j5v-7w9h https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52284 https://nvd.nist.gov/vuln/detail/CVE-2024-52284

Patch

https://fleet.rancher.io/