CVE-2022-43758 is a high-severity command injection vulnerability in SUSE Rancher that allows code execution for users with specific privileges. This page covers its impact, technical details, and mitigation strategies.
Understanding CVE-2022-43758
SUSE Rancher is affected by a Command Injection vulnerability that could lead to code execution for certain users.
What is CVE-2022-43758?
It is an OS Command Injection vulnerability in SUSE Rancher that allows an attacker to execute arbitrary code by manipulating the Helm catalog or the URL configuration used to download KDM.
The Impact of CVE-2022-43758
This vulnerability has a high severity level, with a CVSS base score of 7.6. It can be exploited remotely, requiring high privileges and user interaction, leading to significant confidentiality, integrity, and availability impacts.
Technical Details of CVE-2022-43758
The vulnerability stems from improper neutralization of special elements in an OS command, allowing attackers to inject and execute malicious code.
Vulnerability Description
The vulnerability affects SUSE Rancher versions prior to 2.5.17, 2.6.10, and 2.7.1, enabling code execution for users with the ability to add untrusted Helm catalogs or modify the URL configuration.
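The version boundaries above can be turned into a triage check for a list of Rancher installations. The following is an added example, not code from SUSE or the Rancher project; the inventory names are hypothetical, and it assumes versions follow the `vMAJOR.MINOR.PATCH[-prerelease]` form. Release lines not named on this page are reported as unknown rather than guessed.

```python
import re

# Fixed releases named on this page, keyed by (major, minor) release line.
FIXED = {(2, 5): (2, 5, 17), (2, 6): (2, 6, 10), (2, 7): (2, 7, 1)}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$")


def parse_version(text):
    """Split 'v2.6.9' or '2.7.1-rc1' into ((major, minor, patch), prerelease)."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    core = tuple(int(part) for part in match.group(1, 2, 3))
    return core, match.group(4)


def classify(version):
    """Return 'affected', 'fixed' or 'unknown' for one Rancher version string."""
    try:
        core, prerelease = parse_version(version)
    except ValueError:
        return "unknown"  # e.g. 'latest' or a digest: resolve the real version first
    fixed = FIXED.get(core[:2])
    if fixed is None:
        return "unknown"  # release line not listed on the page; do not guess
    if core < fixed:
        return "affected"
    if core == fixed and prerelease:
        # Assumption: a pre-release of the fixed version sorts before it, so
        # it is conservatively treated as still affected.
        return "affected"
    return "fixed"


def needs_attention(inventory):
    """Map name -> version to the sorted names that are not confirmed fixed."""
    return sorted(n for n, v in inventory.items() if classify(v) != "fixed")


# Constructed inventory for illustration; the names are hypothetical.
SAMPLE_INVENTORY = {
    "rancher-prod": "v2.6.10",
    "rancher-staging": "v2.6.9",
    "rancher-lab": "2.7.1-rc1",
    "rancher-legacy": "2.4.18",
}

if __name__ == "__main__":
    for name in needs_attention(SAMPLE_INVENTORY):
        print(name, SAMPLE_INVENTORY[name], classify(SAMPLE_INVENTORY[name]))
```

Anything returned by `needs_attention` is either on an affected version or needs its version confirmed by hand before it can be cleared.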
Affected Systems and Versions
Exploitation Mechanism
Attackers can exploit this vulnerability by adding an untrusted Helm catalog or modifying the URL configuration used for downloading KDM, targeting admin users by default.
Mitigation and Prevention
To protect your systems from CVE-2022-43758, consider the following mitigation measures:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates