CVE-2021-36782 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-36782 Interim 1 6 2025-02-17T00:32:58Z current 2022-08-19T23:52:21Z 2025-02-17T00:32:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-36782 A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://github.com/rancher/rancher/security/advisories/GHSA-8c69-r38j-rpfj E-Mail link for GHSA-8c69-r38j-rpfj https://github.com/rancher/rancher/security/advisories/GHSA-cq4p-vp5q-4522 E-Mail link for GHSA-cq4p-vp5q-4522 https://github.com/rancher/rancher/security/advisories/GHSA-g7j7-h4q8-8w2f E-Mail link for GHSA-g7j7-h4q8-8w2f https://www.suse.com/support/kb/doc/?id=000020910 E-Mail link for TID000020910 https://www.suse.com/support/security/rating/ SUSE Security Ratings A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7. CVE-2021-36782 critical 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H