How severe is CVE-2023-22648?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2023-22648?

This is classified as CWE-271, which is a common weakness in software security.

CVE-2023-22648 - HIGH Severity | CVSS 8.8

Vulnerability Description

A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or are removed from a group, thus retaining their access to Rancher instead of losing it. This issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

Related Vulnerabilities

CVE-2024-0985

HIGH

CVSS:8.0(High)

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions ...

CWE-2712024

CVE-2022-3569

HIGH

CVSS:7.8(High)

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively c...

CWE-2712022

CVE-2025-23395

HIGH

CVSS:7.8(High)

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root...

CWE-2712025

CVE-2024-0985

HIGH

CVSS:8.0(High)

CWE-2712024

CVE-2022-3569

HIGH

CVSS:7.8(High)

CWE-2712022

CVE-2025-23395

HIGH

CVSS:7.8(High)

CWE-2712025