Access Restriction Bypass Affecting github.com/rancher/rancher/pkg/controllers/management/auth package, versions >=2.5.0 <2.5.17 >=2.6.0 <2.6.10 >=2.7.0 <2.7.1
Snyk ID SNYK-GOLANG-GITHUBCOMRANCHERRANCHERPKGCONTROLLERSMANAGEMENTAUTH-3248760
- published 26 Jan 2023
- disclosed 25 Jan 2023
- credit Unknown
How to fix?
Upgrade github.com/rancher/rancher/pkg/controllers/management/auth to version 2.5.17, 2.6.10, 2.7.1 or higher.
Overview
Affected versions of this package are vulnerable to Access Restriction Bypass because generated tokens are not revoked after modifications are made to an authentication provider.
It only affects Rancher setups that have an external authentication provider configured or had one configured in the past.
When an external authentication provider is configured in Rancher and then disabled, the Rancher-generated tokens associated with users who were granted access through the now-disabled auth provider are not revoked. This allows those users to retain access to Rancher, and kubectl access to clusters managed by Rancher, according to their previously configured permissions, even after they should have lost it because the auth provider was disabled.
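The failure mode above is a token-lifecycle problem: the provider that vouched for the user is switched off, but the credentials minted on the strength of that provider keep working. The following Go program is an added illustration, not Rancher's code or its actual token store; the `Token`, `Store`, provider names and token IDs are all constructed for the example. It contrasts a disable operation that leaves tokens untouched (the behaviour the advisory describes) with one that revokes them, and adds a strict validator that rejects any token whose issuing provider is currently disabled as a second line of defence.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Token is a hypothetical model (not Rancher's own type) of an API token
// issued after a user logs in through an auth provider.
type Token struct {
	ID        string
	UserID    string
	Provider  string // auth provider that authenticated the user ("github", "local", ...)
	ExpiresAt time.Time
	Revoked   bool
}

// Store keeps provider state and issued tokens in memory (constructed for the example).
type Store struct {
	providerEnabled map[string]bool
	tokens          map[string]*Token
}

var (
	ErrUnknownToken     = errors.New("unknown token")
	ErrTokenRevoked     = errors.New("token revoked")
	ErrTokenExpired     = errors.New("token expired")
	ErrProviderDisabled = errors.New("auth provider disabled")
)

func NewStore() *Store {
	return &Store{providerEnabled: map[string]bool{}, tokens: map[string]*Token{}}
}

func (s *Store) EnableProvider(name string) { s.providerEnabled[name] = true }

// Issue records a token for a user who authenticated through an enabled provider.
func (s *Store) Issue(id, user, provider string, ttl time.Duration, now time.Time) (*Token, error) {
	if !s.providerEnabled[provider] {
		return nil, ErrProviderDisabled
	}
	t := &Token{ID: id, UserID: user, Provider: provider, ExpiresAt: now.Add(ttl)}
	s.tokens[id] = t
	return t, nil
}

// DisableProviderNoRevoke mirrors the behaviour the advisory describes:
// the provider is switched off but tokens it produced stay usable.
func (s *Store) DisableProviderNoRevoke(name string) { s.providerEnabled[name] = false }

// DisableProviderRevoke is the remediated behaviour: disabling a provider
// revokes every live token issued through it. Returns the number revoked.
func (s *Store) DisableProviderRevoke(name string) int {
	s.providerEnabled[name] = false
	n := 0
	for _, t := range s.tokens {
		if t.Provider == name && !t.Revoked {
			t.Revoked = true
			n++
		}
	}
	return n
}

// Validate checks only the token's own state (revocation flag and expiry),
// which is the minimum a token store performs on every request.
func (s *Store) Validate(id string, now time.Time) error {
	t, ok := s.tokens[id]
	if !ok {
		return ErrUnknownToken
	}
	if t.Revoked {
		return ErrTokenRevoked
	}
	if !now.Before(t.ExpiresAt) {
		return ErrTokenExpired
	}
	return nil
}

// ValidateStrict adds defence in depth: a token is rejected if its issuing
// provider is currently disabled, even if nothing ever explicitly revoked it.
func (s *Store) ValidateStrict(id string, now time.Time) error {
	if err := s.Validate(id, now); err != nil {
		return err
	}
	if !s.providerEnabled[s.tokens[id].Provider] {
		return ErrProviderDisabled
	}
	return nil
}

func main() {
	now := time.Date(2023, 1, 25, 12, 0, 0, 0, time.UTC) // constructed clock
	s := NewStore()
	s.EnableProvider("github")
	s.Issue("tok-1", "u-alice", "github", 24*time.Hour, now)

	s.DisableProviderNoRevoke("github")
	fmt.Println("lax validation after disable:   ", s.Validate("tok-1", now))       // <nil>: access retained
	fmt.Println("strict validation after disable:", s.ValidateStrict("tok-1", now)) // auth provider disabled

	s.EnableProvider("github")
	fmt.Println("tokens revoked on disable:", s.DisableProviderRevoke("github")) // 1
	fmt.Println("validation after revoke:  ", s.Validate("tok-1", now))          // token revoked
}
```

The two defences are complementary: revoking on disable removes the stale credentials, while the strict validator covers tokens that slipped through (for example, ones issued before the revocation logic was deployed). An auditor checking a Rancher installation for this issue would look for live tokens whose originating auth provider is no longer enabled, which is exactly the condition `ValidateStrict` encodes.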