CVE-2024-22036: Rancher Remote Code Execution via Cluster/Node Drivers

9.1 CVSS

Description

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot
jail and gain root access to the Rancher container itself. In
production environments, further privilege escalation is possible based
on living off the land within the Rancher container itself. For the test
and development environments, based on a –privileged Docker container,
it is possible to escape the Docker container and gain execution access
on the host system.

This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.

Classification

CVE ID: CVE-2024-22036

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Problem Types

CWE-269: Improper Privilege Management

Affected Products

Vendor: SUSE

Product: rancher

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.94% (scored less or equal to compared to others)

EPSS Date: 2025-04-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-22036
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036
https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc

Timeline

2025-04-16 09:40:09 UTC
CVE

Rancher Remote Code Execution via Cluster/Node Drivers