CVE-2026-44949

HIGH

Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook

Title source: cna

Description

A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7. An unauthenticated attacker with network access to the in-cluster rancher-webhook service could submit a crafted admission payload and cause workspace-related Kubernetes objects to be created with attacker-chosen identity data.

References (1)


Scores

CVSS v4 7.0
EPSS 0.0023
EPSS Percentile 14.0%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-306
Status published
Products (4)
SUSE/Rancher 0.10.0 - 0.10.7
SUSE/Rancher 0.7.0 - 0.7.10
SUSE/Rancher 0.8.0 - 0.8.7
SUSE/Rancher 0.9.0 - 0.9.6
Published Jun 30, 2026
Tracked Since Jun 30, 2026