will-chan
changed the title
Security Exposure: Any authenticated users can disable auth via API
Security Exposure: Any authenticated users can disable auth via API [CVE-2017-7297]
Mar 28, 2017
will-chan
changed the title
Security Exposure: Any authenticated users can disable auth via API [CVE-2017-7297]
Security Exposure: Any authenticated users can disable auth [CVE-2017-7297]
Mar 29, 2017
will-chan
changed the title
Security Exposure: Any authenticated users can disable auth [CVE-2017-7297]
Security Exposure: Authenticated users can disable auth [CVE-2017-7297]
Mar 29, 2017
Rancher Versions:
Server: 1.2.0+
Docker Version:
Any
OS and where are the hosts located? (cloud, bare metal, etc):
Setup Details: (single node rancher vs. HA rancher, internal DB vs. external DB)
Environment Type: (Cattle/Kubernetes/Swarm/Mesos)
Steps to Reproduce:
Log into Rancher as an authenticated user (any role) and disable auth via the API.
Results:
Authentication is disabled.
The text was updated successfully, but these errors were encountered: