Rancher ‘Audit Log’ leaks sensitive information
Description

Impact

A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature: only deployments that have it enabled and have AUDIT_LEVEL set to 1 or above are affected.

Sensitive data may be written to the audit logs on these actions:

- Creating cloud credentials or new authentication providers. All authentication providers (such as AzureAD) and cloud providers (such as Google) are affected.
- Downloading a kubeconfig file from a downstream or the local cluster.
- Logging in to or out of Rancher.

The affected data may include the following:

- The HTTP headers and request/response body fields listed below:

Field | Location
--- | ---
X-Api-Auth-Header | Request header
X-Api-Set-Cookie-Header | Response header
X-Amz-Security-Token | Request header
credentials | Request body
applicationSecret | Request body
oauthCredential | Request body
serviceAccountCredential | Request body
spKey | Request body
spCert | Request body
spCert | Response body
certificate | Request body
privateKey | Request body

- API Server calls returning Secret objects (including sub-types, such as kubernetes.io/dockerconfigjson).
- Raw command lines used by agents to connect to the Rancher server, which expose sensitive information (e.g. register … --token abc).
- Kubeconfig contents when the 'Download KubeConfig' feature is used in the Rancher UI.

The patched versions redact the sensitive data, replacing it with [redacted], making it safer for…
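The redaction the patched versions apply can also be run after the fact over audit logs written by an unpatched deployment, and the same pass doubles as a check for what already leaked: a non-zero redaction count on an existing line means that line carried a secret in clear. The Go program below is an added example, not Rancher's own code. It assumes the audit log is one JSON object per line with requestHeader, responseHeader, requestBody and responseBody members (the layout Rancher writes at the higher audit levels), masks the headers and body fields named in the table above, masks data and stringData of any object whose kind is Secret, and masks the value following --token in command strings. The three log lines are constructed for the example, not real Rancher output.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

const redacted = "[redacted]"

// Header names from the advisory table, lowercased for case-insensitive matching.
var sensitiveHeaders = map[string]bool{
	"x-api-auth-header":       true,
	"x-api-set-cookie-header": true,
	"x-amz-security-token":    true,
}

// Body field names from the advisory table, lowercased; matched at any nesting depth.
var sensitiveFields = map[string]bool{
	"credentials":              true,
	"applicationsecret":        true,
	"oauthcredential":          true,
	"serviceaccountcredential": true,
	"spkey":                    true,
	"spcert":                   true,
	"certificate":              true,
	"privatekey":               true,
}

// Assumption: agent registration commands appear as string values containing
// "--token <value>" (or "--token=<value>"); only the value is masked.
var tokenFlag = regexp.MustCompile(`(--token[ =])\S+`)

// Constructed sample lines (not real Rancher output): an AzureAD auth-config update,
// a Secret returned by the downstream API server, and a registration-token response.
var sampleLines = []string{
	`{"auditID":"constructed-0001","requestURI":"/v3/authConfigs/azuread","method":"PUT","requestHeader":{"X-Api-Auth-Header":["Bearer token-abc"],"Content-Type":["application/json"]},"requestBody":{"applicationId":"app-id","applicationSecret":"s3cr3t-value","enabled":true},"responseCode":200}`,
	`{"auditID":"constructed-0002","requestURI":"/k8s/clusters/c-abc/api/v1/namespaces/default/secrets/regcred","method":"GET","responseBody":{"kind":"Secret","type":"kubernetes.io/dockerconfigjson","metadata":{"name":"regcred"},"data":{".dockerconfigjson":"eyJhdXRocyI6e319"}}}`,
	`{"auditID":"constructed-0003","requestURI":"/v3/clusterregistrationtokens","method":"POST","responseBody":{"clusterId":"c-abc","nodeCommand":"docker run rancher/rancher-agent register --token abc123 --server https://rancher.example"}}`,
}

// redactHeaders masks listed headers in a requestHeader/responseHeader map and
// returns how many it masked.
func redactHeaders(v any) int {
	h, ok := v.(map[string]any)
	if !ok {
		return 0
	}
	n := 0
	for k := range h {
		if sensitiveHeaders[strings.ToLower(k)] {
			h[k] = []any{redacted}
			n++
		}
	}
	return n
}

// redactValue walks a decoded JSON body, masking listed fields, Secret payloads
// and --token values; it returns the (possibly replaced) value and the count.
func redactValue(v any) (any, int) {
	switch t := v.(type) {
	case map[string]any:
		n := 0
		// A Secret leaks through data/stringData regardless of the key names inside.
		if kind, _ := t["kind"].(string); kind == "Secret" {
			for _, f := range []string{"data", "stringData"} {
				if _, ok := t[f]; ok {
					t[f] = redacted
					n++
				}
			}
		}
		for k, val := range t {
			if sensitiveFields[strings.ToLower(k)] {
				t[k] = redacted
				n++
				continue
			}
			nv, m := redactValue(val)
			t[k] = nv
			n += m
		}
		return t, n
	case []any:
		n := 0
		for i, val := range t {
			nv, m := redactValue(val)
			t[i] = nv
			n += m
		}
		return t, n
	case string:
		matches := tokenFlag.FindAllStringIndex(t, -1)
		if len(matches) == 0 {
			return t, 0
		}
		return tokenFlag.ReplaceAllString(t, "${1}"+redacted), len(matches)
	default:
		return v, 0
	}
}

// RedactAuditLine redacts one audit log line and returns the rewritten line plus
// the number of values masked (non-zero means the line leaked something).
func RedactAuditLine(line string) (string, int, error) {
	var entry map[string]any
	if err := json.Unmarshal([]byte(line), &entry); err != nil {
		return "", 0, err
	}
	n := 0
	for _, f := range []string{"requestHeader", "responseHeader"} {
		if v, ok := entry[f]; ok {
			n += redactHeaders(v)
		}
	}
	for _, f := range []string{"requestBody", "responseBody"} {
		if v, ok := entry[f]; ok {
			nv, m := redactValue(v)
			entry[f] = nv
			n += m
		}
	}
	out, err := json.Marshal(entry)
	if err != nil {
		return "", 0, err
	}
	return string(out), n, nil
}

func main() {
	for _, line := range sampleLines {
		out, n, err := RedactAuditLine(line)
		if err != nil {
			fmt.Println("skipping unparsable line:", err)
			continue
		}
		fmt.Printf("%d redaction(s): %s\n", n, out)
	}
}
```

Run it over a real audit log with one call per line and treat any non-zero count as a finding: the header or body that was masked tells you which credential (cloud credential, auth-provider secret, Secret object, registration token) needs rotating, since the log file itself may have been shipped to a log collector or shared with support before it was cleaned.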
