A critical flaw in SUSE Rancher’s user management module recently came to light, raising alarms within the cybersecurity community. This vulnerability allows privileged users to disrupt administrative access by altering the usernames of other accounts. It’s tracked as CVE-2024-58260 and impacts Rancher Manager versions 2.9.0 through 2.12.1. This flaw doesn’t just unlock username takeover but also leads to a complete lockout of the admin account, presenting a significant risk for organizations securing their container orchestration environments.
Rancher RBAC Privilege Escalation
The Rancher Role-Based Access Control (RBAC) system typically relies on unique usernames for login authentication. However, it falls short by not enforcing immutability of usernames after account creation, which could have dire implications. An attacker with update permissions on user resources can send a specifically crafted request to change the username of any target account. If an admin account is targeted, the attacker’s new, unique identifier takes precedence, preventing the original admin from accessing the system.
For instance, an exploit request using Rancher’s API could effectively rename the admin account, blocking genuine administrators from logging in. This flaw allows attackers to arbitrarily rename any user, making them capable of user takeover by simply assigning a high-privilege username to a malicious account, thus breaching security protocols.
| Risk Factors | Details |
| Affected Products | Rancher Manager v2.9.0–v2.9.11, v2.10.0–v2.10.9, v2.11.0–v2.11.5, v2.12.0–v2.12.1 |
| – Account lockout: prevents admin/UI login | |
| Exploit Prerequisites | – Valid Rancher account with update permission on User API |
| CVSS 3.1 Score | 7.6 (High) |
Mitigations
In response to this critical flaw, SUSE Rancher has issued patched versions that incorporate stringent server-side validation for the username field. With this update, usernames become immutable after creation, effectively preventing unauthorized modifications. Here are the affected versions along with their corresponding patched releases:
- 2.12.0–2.12.1 → 2.12.2
- 2.11.0–2.11.5 → 2.11.6
- 2.10.0–2.10.9 → 2.10.10
- 2.9.0–2.9.11 → 2.9.12
To upgrade effectively, administrators can execute the command:
In situations where immediate upgrading isn’t feasible, administrators should conduct an audit of their RBAC policies. It is crucial to restrict update permissions on user resources to only those operators who are fully trusted. Implementing detailed audit logging is also recommended to monitor and respond to any suspicious API calls, particularly those targeting user accounts.
Addressing this high-severity vulnerability not only safeguards the integrity of the Rancher UI but also helps combat potential denial-of-service attacks against critical administrative accounts. Continuous monitoring of global RBAC settings and prompt application of security patches remain essential best practices for securing any container management platform.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
