8.9

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-52281

CVE-2024-52281: Rancher UI has Stored Cross-site Scripting vulnerability

Impact

A vulnerability has been identified within Rancher UI that allows a malicious actor to perform a Stored XSS attack through the cluster description field.

Please consult the associated MITRE ATT&CK - Technique - Drive-by Compromise for further information about this category of attack.

Patches

The fix introduces new changes in the directives responsible for sanitizing HTML code before rendering.

We replaced the v-tooltip directive with the v-clean-tooltip directive.

Patched versions include releases 2.9.4 and 2.10.0.

Workarounds

There are no workarounds for this issue. Users are recommended to upgrade, as soon as possible, to a version of /Rancher Manager which contains the fixes.

Credits

This issue was identified and reported by Bhavin Makwana from Workday’s Cyber Defence Team.

For more information

If you have any questions or comments about this advisory:

Reach out to the SUSE Rancher Security team for security related inquiries.
Open an issue in the Rancher repository.
Verify with our support matrix and product support lifecycle.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-52281

CVE-2024-52281:

8.9

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/rancher/rancher	go	>= 2.9.0, < 2.9.4	2.9.4

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from insufficient HTML sanitization in the tooltip rendering mechanism. The advisory explicitly states the fix involved replacing v-tooltip with v-clean-tooltip, indicating the original directive lacked proper sanitization. While exact code isn't provided, the context implies the v-tooltip implementation in the UI component handling cluster descriptions was directly responsible for unsafe HTML rendering. The confidence is high due to the direct correlation between the mitigation action (directive replacement) and the vulnerability type (XSS).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.9

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-52281: Rancher UI has Stored Cross-site Scripting vulnerability

Impact

Patches

Workarounds

Credits

For more information

CVE-2024-52281:

8.9

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

CVE-2024-52281: Rancher UI has Stored Cross-site Scripting vulnerability

Impact

Patches

Workarounds

Credits

For more information

8.9

8.9

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI