216.73.217.64

CVE-2024-52282

· Published 11/04/2025 11:15 · Modified 11/04/2025 15:39

Labels: CVE-2024-52282 2025-04-11CVE-2024-52282CWE-200[email protected]

Essential information

Published
11/04/2025 11:15
Modified
11/04/2025 15:39
Author
Creator
CVSS
6.2 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N

CVSS metrics

Description

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowing any users with GET access to the Rancher Manager Apps Catalog to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. This issue affects rancher: from 2.8.0 before 2.8.10, from 2.9.0 before 2.9.4.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
suse / rancher cpe:2.3:a:suse:rancher:2.8.0-2.8.10:*:*:*:*:*:*:*
suse / rancher cpe:2.3:a:suse:rancher:2.9.0-2.9.4:*:*:*:*:*:*:*

References