Vulnerabilities > Rancher > Rancher > 2.4.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2021-36775 | Unspecified vulnerability in Rancher a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. | 8.8 |
| 2022-04-04 | CVE-2021-36776 | Unspecified vulnerability in Rancher A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users. | 8.8 |
| 2021-07-15 | CVE-2021-25318 | Incorrect Permission Assignment for Critical Resource vulnerability in Rancher A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. | 6.5 |
| 2021-07-15 | CVE-2021-25320 | Unspecified vulnerability in Rancher A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. | 9.9 |
| 2021-07-15 | CVE-2021-31999 | Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. | 6.5 |