Critical Vulnerability Identified in Rancher

A critical vulnerability has been identified in Rancher, allowing a Restricted Administrator to change the password of Administrators and take control of their accounts. Normally, a Restricted Administrator should not be able to modify the password of users with higher privileges, unless they have the Manage Users permissions. Implementations of Rancher that do not use the restricted administrator role are not affected by this CVE.