6.9
CVE-2026-44947
- EPSS 0.23%
- Veröffentlicht 30.06.2026 14:21:01
- Zuletzt bearbeitet 02.07.2026 17:45:44
- Quelle meissner@suse.de
- CVE-Watchlists
- Unerledigt
Stale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher
A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSUSE
≫
Produkt
Rancher
Default Statusunaffected
Version
2.13.0
Version <
2.13.7
Status
affected
Version
2.14.0
Version <
2.14.3
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.137 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| meissner@suse.de | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
https://github.com/rancher/rancher/security/advisories/GHSA-c4rp-wgqc-mfhc