{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2022-21947","title":"Title"},{"category":"description","text":"A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2022-21947","url":"https://www.suse.com/security/cve/CVE-2022-21947"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1197491 for CVE-2022-21947","url":"https://bugzilla.suse.com/1197491"},{"category":"external","summary":"Advisory link for GHSA-x5mj-x8h3-9pcc","url":"https://github.com/rancher-sandbox/rancher-desktop/security/advisories//GHSA-x5mj-x8h3-9pcc"}],"title":"SUSE CVE CVE-2022-21947","tracking":{"current_release_date":"2025-02-16T07:44:07Z","generator":{"date":"2023-02-15T03:28:58Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2022-21947","initial_release_date":"2023-02-15T03:28:58Z","revision_history":[{"date":"2023-02-15T03:28:58Z","number":"2","summary":"Current version"},{"date":"2025-01-01T03:16:46Z","number":"3","summary":"Current version"},{"date":"2025-02-14T08:01:30Z","number":"4","summary":"Current version"},{"date":"2025-02-16T07:44:07Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}