CVE-2019-12274

HIGH

Rancher 1-2.2.3 - Privilege Escalation

Title source: llm

Description

In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.

References (2)

[Release Notes, Vendor Advisory] https://forums.rancher.com/c/announcements

[Release Notes, Vendor Advisory] https://forums.rancher.com/t/rancher-release-v2-2-4-addresses-rancher-cve-2019-12274-and-cve-2019-12303/14466

Scores

CVSS v3 8.8

EPSS 0.0019

EPSS Percentile 40.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-862 CWE-668

Status published

Affected Products (2)

suse/rancher < 1.6.28

rancher/rancher < 2.2.4Go

Timeline

Published Jun 06, 2019

Tracked Since Feb 18, 2026