Rancher Installation Page Exposure Detection Scanner
This scanner detects Rancher installation page exposure in digital assets.
Short Info
Level
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 17 days 1 hour
Scan only one: URL
Rancher is a popular open-source platform used by DevOps teams worldwide to manage Kubernetes clusters. It provides a robust and flexible environment for orchestrating containers and is used by companies of all sizes to simplify Kubernetes management. Rancher includes features like workload management and monitoring, and it's often used in cloud-native applications. The platform is typically deployed in on-premises data centers or on cloud providers such as AWS, Azure, and Google Cloud. With an easy-to-navigate dashboard, it facilitates container deployment, scaling, and load balancing. However, an incomplete setup can expose the system to unauthorized configuration and control.
The vulnerability detected pertains to an incomplete Rancher setup, where the initial setup page remains publicly accessible. This condition indicates an unconfigured instance at risk of unauthorized intervention. Before an administrator completes the setup, an attacker could gain access and potentially configure the platform with malicious intent. The page is considered present if the bootstrap login page at "/dashboard/auth/login" is accessible. This is a common oversight during installations and can have serious security implications if exploited.
Technically, the vulnerability is verified by requesting a specific endpoint: "/v3/settings/first-login". If this endpoint returns a success response containing "value": "true" and "name": "first-login", it suggests that Rancher hasn't completed the initial setup. A 200 HTTP status code is part of this verification. If all of these conditions hold, the instance is potentially vulnerable to unauthorized setup completion by an attacker.
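The check described above, as an added example for auditing an instance you administer (not the scanner's own code): it parses the response as JSON instead of matching substrings, so a "value": "false" reply or an HTML page is not flagged. The function names, the tolerance for a boolean value and the sample responses are assumptions constructed for illustration.

```python
import json
import urllib.request

FIRST_LOGIN_PATH = "/v3/settings/first-login"  # endpoint named on this page

def setup_incomplete(status, body):
    """True when a response matches the page's criteria for a pending setup."""
    if status != 200:
        return False
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return False  # HTML, empty or truncated body: not the settings object
    if not isinstance(doc, dict):
        return False
    # Page criteria: "name": "first-login" and "value": "true".
    # Assumption: a JSON boolean true is treated the same as the string "true".
    return doc.get("name") == "first-login" and str(doc.get("value")).lower() == "true"

def check_instance(base_url, timeout=5):
    """Query your own instance. Returns True/False, or None if it was unreachable."""
    url = base_url.rstrip("/") + FIRST_LOGIN_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return setup_incomplete(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError:
        return False  # 401/403/404: the setting is not readable anonymously
    except OSError:
        return None   # DNS, TLS or connection failure: unknown, not "safe"

# Constructed sample responses (status, body); not captured from a real server.
SAMPLES = {
    "fresh": (200, '{"id": "first-login", "name": "first-login", "value": "true"}'),
    "configured": (200, '{"name":"first-login","value":"false"}'),
    "unauthorized": (401, '{"type":"error","status":401}'),
    "not_json": (200, "<html><title>Login</title></html>"),
}

def classify_samples():
    """Run the offline classifier over the constructed samples."""
    return {name: setup_incomplete(*resp) for name, resp in SAMPLES.items()}

if __name__ == "__main__":
    for name, flagged in classify_samples().items():
        print(f"{name:13} setup incomplete: {flagged}")
```

A `None` result from `check_instance` means the instance could not be reached and should be rechecked rather than counted as configured.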
If exploited, this vulnerability can lead to several malicious actions. Attackers could potentially complete the setup process, granting themselves administrative access to the Rancher platform. This access could allow them to deploy unauthorized workloads, manipulate Kubernetes clusters, and disrupt operations. The integrity of deployed applications could be compromised, leading to potential data breaches or service interruptions. Closing this setup gap is critical to maintaining the security posture of Rancher deployments.