CVE-2019-11881
CVE-2019-11881 is a medium-severity vulnerability in Suse Rancher with a CVSS 3.x base score of 4.7. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 3.x base score 4.7)
- CVSS v2: 4.3
- EPSS exploit prediction: 2% (81st percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Suse Rancher
- Published:
- Last modified:
Description
A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message.
Frequently asked questions
- What is CVE-2019-11881?
- A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message.
- How severe is CVE-2019-11881?
- CVE-2019-11881 has a CVSS 3.x base score of 4.7, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and user interaction. Impact on confidentiality is none, integrity low, and availability none.
- Is CVE-2019-11881 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (81st percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2019-11881?
- CVE-2019-11881 affects Suse Rancher. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2019-11881?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2019-11881 published?
- CVE-2019-11881 was published on 2019-06-10 and last updated on 2026-06-17.
References
- https://github.com/MauroEldritch/VanCleef
- https://github.com/rancher/rancher/blob/v2.2.4/pkg/auth/providers/saml/saml_client.go#L282
- https://github.com/rancher/rancher/commit/e59adbc7565251919d84d6e353421104be8da06e
- https://github.com/rancher/rancher/issues/20216
Affected products (1)
- cpe:2.3:a:suse:rancher:2.1.4:*:*:*:*:*:*:*
More vulnerabilities in Suse Rancher
- CVE-2023-22647 — Critical (CVSS 9.9): An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing…
- CVE-2023-22651 — Critical (CVSS 9.9): Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic…
- CVE-2022-43757 — Critical (CVSS 9.9): A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows users on managed clusters to gain…
- CVE-2021-36783 — Critical (CVSS 9.9): A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster…
- CVE-2021-36782 — Critical (CVSS 9.9): A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster…
- CVE-2019-11202 — Critical (CVSS 9.8): An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8,…