{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T21:43:27.704","vulnerabilities":[{"cve":{"id":"CVE-2024-52282","sourceIdentifier":"meissner@suse.de","published":"2025-04-11T11:15:41.630","lastModified":"2026-06-17T08:06:56.100","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowing any users with GET\n access to the Rancher Manager Apps Catalog to read any sensitive information that are \ncontained within the Apps’ values. Additionally, the same information \nleaks into auditing logs when the audit level is set to equal or above \n2.\n\nThis issue affects rancher: from 2.8.0 before 2.8.10, from 2.9.0 before 2.9.4."},{"lang":"es","value":"Una vulnerabilidad de exposición de información confidencial a un agente no autorizado en SUSE Rancher permite que cualquier usuario con acceso GET al catálogo de aplicaciones de Rancher Manager acceda a la información confidencial contenida en los valores de las aplicaciones. Además, esta misma información se filtra a los registros de auditoría cuando el nivel de auditoría es igual o superior a 2. Este problema afecta a Rancher: de la versión 2.8.0 a la 2.8.10, y de la versión 2.9.0 a la 2.9.4."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"SUSE","product":"rancher","defaultStatus":"unaffected","packageName":"github.com/rancher/rancher","versions":[{"version":"2.8.0","lessThan":"2.8.10","versionType":"semver","status":"affected"},{"version":"2.9.0","lessThan":"2.9.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-11T13:23:47.197155Z","id":"CVE-2024-52282","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52282","source":"meissner@suse.de"},{"url":"https://github.com/rancher/rancher/security/advisories/GHSA-9c5p-35gj-jqp4","source":"meissner@suse.de"}]}}]}