CVE-2024-58269

CWE-532Log File Information Exposure5 documents4 sources
Severity
4.3MEDIUM
EPSS
0.0%
top 98.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Suse RancherGithub.com Rancher/rancher
Timeline
PublishedOct 29
Latest updateOct 30

Description

A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any entity with access to Rancher audit logs.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5suse/rancher< 0.0.0-20251013203444-50dc516a19ea
Gogithub.com/rancher/rancher< 0.0.0-20251013203444-50dc516a19ea

🔴Vulnerability Details

4
OSV
Rancher exposes sensitive information through audit logs in github.com/rancher/rancher2025-10-30
CVEList
Rancher exposes sensitive information through audit logs2025-10-29
OSV
Rancher exposes sensitive information through audit logs2025-10-24
GHSA
Rancher exposes sensitive information through audit logs2025-10-24
CVE-2024-58269 (MEDIUM CVSS 4.3) | A vulnerability has been identified | cvebase.io