CVE-2022-45157

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Nov 13, 2024

CWE ID 522

Summary

CVE-2022-45157 is a vulnerability affecting Rancher's handling of vSphere's CPI and CSI credentials for deploying clusters. This issue results in the plaintext storage of vSphere's CPI and CSI passwords within Rancher. This risk is exclusive to users deploying clusters in vSphere environments. The vulnerability stems from an inadequate security measure for storing these sensitive credentials. This weakness could potentially allow unauthorized access to vSphere environments if exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SUSE/Rancher

Affected Vendors

SUSE Linux GmbH

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/oxdopY
https://www.cve.org/CVERecord?id=CVE-2022-45157
https://nvd.nist.gov/vuln/detail/CVE-2022-45157

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners