Description
Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.
Published: 2026-06-29
Score: 9.4 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Improper privilege handling allows a user who holds the Project Owner role to elevate privileges to the host level, effectively giving them unrestricted access to the underlying infrastructure. The weakness is catalogued as CWE-305 (Authentication Bypass by Primary Weakness). The result is a serious breach of confidentiality, integrity, and availability for the host environment: a user with Project Owner permissions can gain elevated host privileges, which could lead to full system compromise.

Affected Systems

The vulnerability affects Rancher products from SUSE, specifically Rancher versions 2.14 prior to 2.14.2, 2.13 prior to 2.13.6, and 2.12 prior to 2.12.10. Any deployment running one of these versions is susceptible unless it is patched or its Project Owner role assignments are remediated.

Risk and Exploitability

The CVSS score of 9.4 indicates a critical level of risk. No EPSS score is available yet, and the SSVC assessment records no known exploitation. The vulnerability is not listed in the CISA KEV catalog, but the high severity and the potential for privilege escalation from a legitimate role make it highly significant. Exploitation requires an authenticated account that already holds the Project Owner role within Rancher (the CVSS vector records high privileges required, PR:H, reachable over the network, AV:N). Such a role may be granted following an initial compromise or through misconfiguration, after which the attacker can execute commands on the host with full control.

Generated by OpenCVE AI on June 29, 2026 at 17:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Rancher to version 2.14.2 or later, 2.13.6 or later, or 2.12.10 or later to eliminate the privilege escalation flaw.
  • Limit or remove the Project Owner role from users who do not require it by reconfiguring Rancher role assignments and enforcing least privilege policies.
  • Audit current users for Project Owner permissions; remove any accounts that are unnecessary for normal operations and monitor for unexpected privilege changes or unauthorized host access attempts.


Tracking


Advisories

No advisories yet.

History

Mon, 29 Jun 2026 21:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Suse; Suse rancher
Vendors & Products                    Suse; Suse rancher

Mon, 29 Jun 2026 17:30:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 29 Jun 2026 16:15:00 +0000

Type          Values Removed   Values Added
Description                    Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.
Title                          Rancher Privilege Escalation from Project Owner to Host
Weaknesses                     CWE-305
References
Metrics                        cvssV4_0: {'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: suse

Published:

Updated: 2026-06-29T16:22:37.664Z

Reserved: 2026-04-16T13:37:50.680Z

Link: CVE-2026-41052

Vulnrichment

Updated: 2026-06-29T16:22:34.424Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-29T20:45:03Z

Weaknesses
  • CWE-305: Authentication Bypass by Primary Weakness