CVE-2022-21947 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-21947 Interim 1 3 2023-07-06T23:29:33Z current 2022-04-03T02:00:29Z 2023-07-06T23:29:33Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-21947 A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://github.com/rancher-sandbox/rancher-desktop/security/advisories//GHSA-x5mj-x8h3-9pcc E-Mail link for GHSA-x5mj-x8h3-9pcc https://www.suse.com/support/security/rating/ SUSE Security Ratings A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. CVE-2022-21947 important 5.8 AV:A/AC:L/Au:N/C:P/I:P/A:P 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H