Arbitrary Command Execution and File Read Vulnerability in Rancher 2 through 2.2.3

Arbitrary Command Execution and File Read Vulnerability in Rancher 2 through 2.2.3

CVE-2019-12303 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.

Learn more about our Web Application Penetration Testing UK.