CVE-2026-44935: Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.
Metrics
- CVSS v3.1: 9.9
- Severity: CRITICAL
- Fixed in: 0.12.15 (0.12 branch; 0.13.11, 0.14.6 and 0.15.2 on the later branches)
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is a cross-namespace secret disclosure vulnerability in the Helm Deployer component of SUSE Rancher Fleet, affecting versions 0.12.x before 0.12.15, 0.13.x before 0.13.11, 0.14.x before 0.14.6, and 0.15.x before 0.15.2. The Helm Deployer resolves `valuesFrom` references (Secrets or ConfigMaps that supply Helm values) without validating that the referenced object lives in the namespace of the tenant that declared the reference. The flaw is reachable over the network and needs only a low-privilege account in one tenant; because the CVSS scope is changed, the impact crosses from that tenant's namespace into other tenants' namespaces, exposing Fleet credentials that belong to them. The vector rates confidentiality, integrity and availability impact as high, since credentials that drive downstream cluster deployments can be read and then used. Patched-image rebuilds at the fixed versions are available on HarborGuard for environments running affected versions.
HarborGuard Coverage
Detection: Available. Detection of CVE-2026-44935 is available across every HarborGuard environment; the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images in connected registries and CI pipelines, including internally built images that package Rancher Fleet components.
Triage: Available. Triage applies the full CVSS v3.1 score of 9.9 (Critical) automatically, weighted further by each customer's per-environment compliance policies; findings are routed to the appropriate team inbox within the affected customer organization based on configured ownership rules.
Patched image: Available. A patched-image rebuild at the applicable fix version (0.12.15, 0.13.11, 0.14.6, or 0.15.2 depending on the branch in use) becomes available on HarborGuard as soon as the upstream image is resolvable. For customers who opt into auto-remediation, HarborGuard triggers a rebuild, runs the configured regression test suite, and opens a pull request against affected workloads automatically.
Exploit Conditions
- Network reachability: Required
The attacker must be able to reach the Kubernetes API of the cluster that runs Fleet; Fleet is driven through Kubernetes resources (GitRepo objects and the Bundle objects generated from them) rather than through a separate service, and no local access is needed (AV:N).
- Authentication: Required
A valid low-privilege account within any tenant is sufficient; no administrative access is needed to trigger the cross-namespace read (PR:L).
- Victim interaction: Not required
No action from another user or administrator is needed; the attacker can exploit the flaw entirely on their own (UI:N).
- Attack complexity: Low
Exploit conditions are straightforward and reliable; no race conditions, memory-layout dependencies, or special environmental configuration are required (AC:L).
Blast Radius
- Reads Fleet credentials and Helm values secrets belonging to other tenants in the same Rancher Fleet installation, including cluster kubeconfigs and registry pull secrets.
- Writes to downstream clusters are possible using stolen credentials, allowing an attacker to modify workloads, configs, or RBAC rules on clusters they do not own.
- Disrupts availability on downstream clusters: with stolen deployment credentials the attacker can delete or alter workloads and configuration that other tenants depend on, which is where the vector's A:H rating comes from.
- Because the CVSS scope is changed, impact escapes the attacker's own tenant boundary and affects the broader multi-tenant Fleet control plane.
How HarborGuard Handles This
Available on HarborGuard: detection fires within minutes of the CVE's publication date and surfaces any image in a customer registry or pipeline that packages an affected Rancher Fleet version (0.12.x before 0.12.15, 0.13.x before 0.13.11, 0.14.x before 0.14.6, or 0.15.x before 0.15.2). Given the Critical severity (CVSS 9.9) and the cross-tenant credential exposure, this CVE is prioritized at the highest triage tier. For customers who opt into auto-remediation, HarborGuard can rebuild images at the appropriate fixed version, execute the configured regression test suite, and open a pull request against affected workloads; for high and critical severity issues, the median time from CVE publication to a merged patch PR in auto-remediation-enabled environments is around 90 minutes. For environments where auto-remediation is not enabled, HarborGuard surfaces the finding with fix-version guidance so teams can act manually. Where compliance policy requires compensating controls before patching, note that Kubernetes NetworkPolicy does not help here: the cross-namespace read is performed by Fleet's Helm Deployer with Fleet's own permissions, not by the tenant's pods or the tenant's own account, so network rules and tenant-scoped RBAC do not stop it. What does reduce exposure until the fix is rolled out: restrict which identities may create or modify GitRepo objects (and the Bundle objects Fleet generates from them) in each tenant workspace; audit existing Bundles for `valuesFrom` entries whose `secretKeyRef` or `configMapKeyRef` names a namespace other than the Bundle's own; and reject such references at admission (for example with a ValidatingAdmissionPolicy or a policy engine) so they cannot be introduced while the patch is pending.
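The audit described above, as an added example that is neither Fleet's code nor HarborGuard's: a script that reads `kubectl get bundles.fleet.cattle.io -A -o json` output and flags every `valuesFrom` reference that points outside its Bundle's namespace. The field layout (`spec.helm.valuesFrom[].secretKeyRef` / `configMapKeyRef` with `name`, `namespace`, `key`) and the rule that an omitted `namespace` means the Bundle's own namespace are assumptions taken from the Fleet Bundle schema, so confirm them with `kubectl explain` on your cluster; the sample Bundle list is constructed. `validate_values_from` shows the kind of check the advisory says vulnerable versions lack, as a reference implementation rather than the upstream patch.

```python
"""Audit Fleet Bundle objects for cross-namespace valuesFrom references.

Usage against a real cluster:
    kubectl get bundles.fleet.cattle.io -A -o json | python3 fleet_valuesfrom_audit.py

Assumptions (not from the advisory; verify with
`kubectl explain bundles.fleet.cattle.io.spec.helm.valuesFrom`):
  * each valuesFrom entry carries a secretKeyRef and/or configMapKeyRef
    with name, namespace and key fields;
  * an omitted namespace means "the Bundle's own namespace".
"""
import json
import sys

REF_KINDS = ("secretKeyRef", "configMapKeyRef")


def cross_namespace_refs(bundle):
    """Return one finding per valuesFrom reference that leaves the Bundle's namespace."""
    meta = bundle.get("metadata") or {}
    own_ns = meta.get("namespace", "")
    helm = ((bundle.get("spec") or {}).get("helm")) or {}
    findings = []
    for index, entry in enumerate(helm.get("valuesFrom") or []):
        for kind in REF_KINDS:
            ref = entry.get(kind)
            if not ref:
                continue
            # Assumption: a missing namespace field means the Bundle's own namespace.
            target_ns = ref.get("namespace") or own_ns
            if target_ns != own_ns:
                findings.append({
                    "bundle": f"{own_ns}/{meta.get('name', '')}",
                    "index": index,
                    "kind": kind,
                    "target": f"{target_ns}/{ref.get('name', '')}",
                    "key": ref.get("key"),
                })
    return findings


def audit(bundle_list):
    """Run cross_namespace_refs over a kubectl List document (a dict with 'items')."""
    findings = []
    for bundle in bundle_list.get("items") or []:
        findings.extend(cross_namespace_refs(bundle))
    return findings


def validate_values_from(bundle):
    """Reference implementation of the check the advisory says is missing:
    refuse a Bundle whose valuesFrom references point outside its own namespace."""
    bad = cross_namespace_refs(bundle)
    if bad:
        f = bad[0]
        raise ValueError(
            f"{f['bundle']}: valuesFrom[{f['index']}].{f['kind']} references "
            f"{f['target']} outside the bundle namespace"
        )
    return True


# Constructed sample list (not real cluster output). Only tenant-a/app-a crosses a boundary.
SAMPLE_LIST = {
    "apiVersion": "v1",
    "kind": "List",
    "items": [
        {
            "apiVersion": "fleet.cattle.io/v1alpha1",
            "kind": "Bundle",
            "metadata": {"name": "app-a", "namespace": "tenant-a"},
            "spec": {"helm": {"chart": "app", "valuesFrom": [
                {"configMapKeyRef": {"name": "defaults", "key": "values.yaml"}},
                {"secretKeyRef": {"name": "helm-values", "namespace": "tenant-b", "key": "values.yaml"}},
            ]}},
        },
        {
            "apiVersion": "fleet.cattle.io/v1alpha1",
            "kind": "Bundle",
            "metadata": {"name": "app-b", "namespace": "tenant-b"},
            "spec": {"helm": {"chart": "app", "valuesFrom": [
                {"secretKeyRef": {"name": "helm-values", "namespace": "tenant-b", "key": "values.yaml"}},
            ]}},
        },
        {
            "apiVersion": "fleet.cattle.io/v1alpha1",
            "kind": "Bundle",
            "metadata": {"name": "plain-manifests", "namespace": "tenant-c"},
            "spec": {"resources": []},
        },
    ],
}


if __name__ == "__main__":
    # Piped kubectl output is audited; with no input the constructed sample is used.
    data = SAMPLE_LIST if sys.stdin.isatty() else json.load(sys.stdin)
    findings = audit(data)
    for f in findings:
        print(f"{f['bundle']}: valuesFrom[{f['index']}].{f['kind']} -> {f['target']} (key={f['key']})")
    sys.exit(1 if findings else 0)
```

The script exits non-zero when any cross-namespace reference is found, so it can gate a CI job or a scheduled check until the patched Fleet release is deployed. A reference with no `namespace` field is treated as same-namespace and not flagged; if your Fleet version resolves an absent namespace differently, adjust that one line.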
Fix available
- SUSE / Rancher Fleet: < 0.15.2 (from 0.15.0) · < 0.14.6 (from 0.14.0) · < 0.13.11 (from 0.13.0) · < 0.12.15 (from 0.12.0)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H