{"id":"CVE-2017-7297","details":"Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.","aliases":["GHSA-w3x4-9854-95x8","GO-2023-1973"],"modified":"2026-04-10T04:00:53.717146Z","published":"2017-03-29T00:59:00.167Z","references":[{"type":"ADVISORY","url":"https://github.com/rancher/rancher/issues/8296"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97180"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rancher/rancher","events":[{"introduced":"9267089303442680b271aa193a59eda04525c0b2"},{"fixed":"0d6a08109a68e0a1c290718bbd53442427bd99b7"},{"introduced":"92c6d043280f2dccc3e464f3f6b96a94f4648b70"},{"fixed":"66fbd35bce2a3b61c3a0b233f191334741e6cbb5"},{"introduced":"d1e752a6fb8db56453d929c0c05953b7ca5066d5"},{"fixed":"8079a7872ff3a68d3694823bd8d85521f9d1edd7"},{"introduced":"8743bc522b81a3c1c4aa58fe50bac20095425bb2"},{"fixed":"d39b70653a35ce3d1136da8df22228b9a5d5e9de"}],"database_specific":{"versions":[{"introduced":"1.2.0"},{"fixed":"1.2.4"},{"introduced":"1.3.0"},{"fixed":"1.3.5"},{"introduced":"1.4.0"},{"fixed":"1.4.3"},{"introduced":"1.5.0"},{"fixed":"1.5.3"}]}}],"versions":["v1.2.0","v1.2.0-1","v1.2.0.1-rc1","v1.2.1","v1.2.1-rc1","v1.2.1-rc2","v1.2.1-rc3","v1.2.1-rc4","v1.2.2","v1.2.2-rc1","v1.2.2-rc2","v1.2.2-rc3","v1.2.2-rc4","v1.2.3","v1.2.3-rc1","v1.2.3-rc2","v1.2.4-rc1","v1.2.4-rc2","v1.3.0","v1.3.1","v1.3.1-rc1","v1.3.1-rc2","v1.3.1-rc3","v1.3.1-rc4","v1.3.2","v1.3.2-rc1","v1.3.2-rc2","v1.3.3","v1.3.3-rc1","v1.3.4","v1.3.4-rc1","v1.3.5-rc1","v1.4.0","v1.4.1","v1.4.1-rc1","v1.4.1-rc2","v1.4.2","v1.4.2-rc1","v1.4.2-rc2","v1.4.2-try1","v1.4.3-rc1","v1.5.0","v1.5.1","v1.5.1-rc1","v1.5.2","v1.5.2-rc1","v1.5.2-rc2","v1.5.2-rc3","v1.5.3-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7297.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}