
Rancher · EUVD-2026-40130 | CVE-2026-41052 · CRITICAL
Authentication Bypass by Primary Weakness (CWE-305)
2026-06-29 · suse · GHSA-vx8h-4prv-g744
9.4 (CVSS 4.0) · Vendor: suse

Severity by source

Vendor (suse), PRIMARY: 9.4 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

vuln.today AI: 9.9 CRITICAL
Requires an authenticated but only project-scoped Project Owner role (PR:L rather than PR:H); the escalation crosses the authorization boundary into the cluster (S:C), yielding full C/I/A impact.
CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (suse).

CVSS Vector (Vendor: suse)

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: X

Lifecycle Timeline

Patch available: Jun 29, 2026 - 18:01 (EUVD)
Analysis Generated: Jun 29, 2026 - 16:32 (vuln.today)

Description (CVE.org)

Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.

Analysis (AI)

Privilege escalation in SUSE Rancher (Kubernetes management platform) allows a user holding the Project Owner role to improperly escalate their privileges beyond their assigned project scope, per advisory GHSA-vx8h-4prv-g744. Affected releases are 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

Access: Authenticate as Project Owner
Delivery: Invoke Rancher API outside project scope
Exploit: Exploit improper privilege handling
Execution: Escalate to cluster-wide privileges
Impact: Control managed cluster resources

Vulnerability Assessment (AI)

Exploitation: Exploitation requires the attacker to already possess the Rancher Project Owner role on at least one project within an affected instance (2.14 before 2.14.2, 2.13 before 2.13.6, or 2.12 before 2.12.10); it is not exploitable by anonymous or unauthenticated users. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The vendor-supplied CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:H/UI:N) with high impact to both the vulnerable system (VC/VI/VA:H) and subsequent systems (SC/SI/SA:H) drives the 9.4 score, reflecting that a successful escalation grants broad control across the managed cluster. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An insider, or an attacker who has compromised an account holding the Project Owner role in a Rancher-managed project, leverages the improper privilege handling to act beyond their project boundary and gain elevated control over the cluster. Because the CVSS vector specifies network attack vector, low complexity and no user interaction, the operation can be performed directly through Rancher's API/UI once the role is held. …

Remediation: Vendor-released patch: upgrade to Rancher 2.14.2, 2.13.6, or 2.12.10 (or later) depending on your current minor branch, as documented in advisory https://github.com/rancher/rancher/security/advisories/GHSA-vx8h-4prv-g744. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI)

24 hours: Inventory all SUSE Rancher deployments and identify instances running affected versions (2.12.0-2.12.9, 2.13.0-2.13.5, 2.14.0-2.14.1). …
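One way to carry out that inventory step, as an added example that is not part of this page or of Rancher's own tooling: it compares each instance's reported server version against the affected ranges and fixed releases stated above, and treats a pre-release tag of a fixed version (e.g. an rc build) conservatively as still affected. The instance names and versions are constructed sample data.

```python
import re
from typing import Optional

# Fixed release per minor branch, as stated in the advisory text above.
FIXED_BY_BRANCH = {(2, 12): (2, 12, 10), (2, 13): (2, 13, 6), (2, 14): (2, 14, 2)}

# Accepts "v2.13.4", "2.13.4" and tagged pre-releases such as "v2.13.4-rc1".
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$")


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Return (major, minor, patch, is_final); a pre-release tag sets is_final=0
    so that e.g. 2.12.10-rc1 sorts below the final 2.12.10 release."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Rancher version: {text!r}")
    major, minor, patch, tag = m.groups()
    return int(major), int(minor), int(patch), 0 if tag else 1


def fixed_version_for(version: str) -> Optional[str]:
    """Return the release to upgrade to if `version` is affected, else None.
    Branches not named in the advisory (e.g. 2.11, 2.15) are not evaluated."""
    major, minor, patch, is_final = parse_version(version)
    fixed = FIXED_BY_BRANCH.get((major, minor))
    if fixed is None or (major, minor, patch, is_final) >= (*fixed, 1):
        return None
    return "v%d.%d.%d" % fixed


def triage_inventory(inventory: dict[str, str]) -> dict[str, str]:
    """Map each affected instance name to the release it must move to."""
    return {name: fix for name, ver in inventory.items()
            if (fix := fixed_version_for(ver)) is not None}


# Constructed sample inventory: hypothetical instance names and versions.
SAMPLE_INVENTORY = {
    "rancher-prod": "v2.13.4",         # 2.13 before 2.13.6: affected
    "rancher-dev": "v2.14.2",          # already at the fixed release
    "rancher-staging": "2.12.10-rc1",  # pre-release of the fix: treated as affected
    "rancher-legacy": "v2.11.9",       # branch not covered by this advisory
}

if __name__ == "__main__":
    for name, fix in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{name}: upgrade to {fix}")
```

In practice the version strings would come from each instance's reported server version rather than from the constructed dictionary.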

