CNNVD-202510-3996 Information

CNNVD ID

CNNVD-202510-3996

Related CVE

CVE-2023-32199

• CNNVD Published: 2025-10-29

Description (Chinese)

Rancher是美国Rancher开源的一个开源容器管理平台，专为在生产环境中部署容器的组织而构建。 Rancher存在安全漏洞，该漏洞源于移除自定义GlobalRole后用户仍保留集群访问权限，可能导致权限提升。

Description (English)

Rancher, an open-source container management platform at Rancher Open Source, United States, was built specifically for the organization that deployed containers in the production environment. Rancher has a security loophole, which stems from the fact that the user retains cluster access after removing the custom GlobalRole, which may lead to an increase in access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Rancher

Published

2025-10-29

Last Modified

2026-02-24

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32199 https://github.com/rancher/rancher/security/advisories/GHSA-j4vr-pcmw-hx59

Patch

https://github.com/rancher/rancher/releases