cvedb.io
CVE-2021-36783
CRITICAL · CVSS 9.9
EPSS exploitation probability: 0%
Published 2022-09-07T09:15:08.600 · Last modified 2026-06-17T03:59:11.780

Summary

A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.

Affected products

suse — rancher

Does this affect you?

Add your gear to cvedb and we'll alert you only when suse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.