Suse Rancher vulnerabilities

58 known vulnerabilities affecting suse/rancher.

Total CVEs: 58
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 10, HIGH 34, MEDIUM 14

Vulnerabilities

Page 1 of 3
CVE-2025-62879 | MEDIUM | CVSS 4.9 | Versions: ≥ 9.0.0, < 9.0.1; ≥ 8.0.0, < 8.1.2; +2 more | 2026-03-04
CVE-2025-62879 [MEDIUM] CWE-532: A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.
Sources: cvelistv5, nvd
CVE-2025-62878 | CRITICAL | CVSS 9.9 | Versions: fixed in 0.0.34 | 2026-02-25
CVE-2025-62878 [CRITICAL] CWE-23: A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.
CVE-2025-67601 | MEDIUM | CVSS 4.8 | Versions: ≥ 2.10.0, < 2.10.11; ≥ 2.11.0, < 2.11.10; +3 more | 2026-02-25
CVE-2025-67601 [HIGH] CWE-295: A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the --skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher's setting cacerts.
CVE-2024-58269 | MEDIUM | CVSS 4.3 | Versions: fixed in 0.0.0-20251013203444-50dc516a19ea | 2025-10-29
CVE-2024-58269 [MEDIUM] CWE-532: A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any entity with access to Rancher audit logs.
CVE-2023-32199 | MEDIUM | CVSS 4.3 | Versions: fixed in 0.0.0-20251014212116-7faa74a968c2 | 2025-10-29
CVE-2023-32199 [MEDIUM] CWE-281: A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a * on * in * rule for resources or have a * on * rule for non-resource URLs.
CVE-2024-58260 | HIGH | CVSS 7.6 | Versions: ≥ 2.12.0, < 2.12.2; ≥ 2.11.0, < 2.11.6; +2 more | 2025-10-02
CVE-2024-58260 [HIGH] CWE-863: A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `.username` field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts.
CVE-2024-58267 | HIGH | CVSS 8.0 | Versions: ≥ 2.12.0, < 2.12.2; ≥ 2.11.0, < 2.11.6; +2 more | 2025-10-02
CVE-2024-58267 [HIGH] CWE-345: A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher's authentication tokens.
CVE-2025-54468 | MEDIUM | CVSS 4.7 | Versions: ≥ 2.12.0, < 2.12.2; ≥ 2.11.0, < 2.11.6; +2 more | 2025-10-02
CVE-2025-54468 [MEDIUM] CWE-200: A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information, e.g. email addresses.
CVE-2024-58259 | HIGH | CVSS 8.2 | Versions: ≥ 2.12.0, < 2.12.1; ≥ 2.11.0, < 2.11.5; +3 more | 2025-09-02
CVE-2024-58259 [HIGH] CWE-770: A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. A malicious user can exploit this by sending excessively large payloads, which are fully loaded into memory during processing, leading to Denial of Service (DoS).
CVE-2024-52284 | HIGH | CVSS 7.7 | Versions: ≥ 0.13.0, < 0.13.1-0.20250806151509-088bcbea7edb; ≥ 0.12.0, < 0.12.6; +1 more | 2025-09-02
CVE-2024-52284 [HIGH] CWE-312: Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.
CVE-2024-22036 | CRITICAL | CVSS 9.1 | Versions: ≥ 2.7.0, < 2.7.16; ≥ 2.8.0, < 2.8.9; +1 more | 2025-04-16
CVE-2024-22036 [CRITICAL] CWE-269: A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environment
CVE-2023-32197 | HIGH | CVSS 7.5 | Versions: ≥ 2.7.0, < 2.7.14; ≥ 2.8.0, < 2.8.5 | 2025-04-16
CVE-2023-32197 [HIGH] CWE-269: An Improper Privilege Management vulnerability in SUSE rancher in RoleTemplate objects when external=true is set can lead to privilege escalation in specific scenarios. This issue affects rancher: from 2.7.0 before 2.7.14, from 2.8.0 before 2.8.5.
CVE-2024-52281 | HIGH | CVSS 8.9 | Versions: ≥ 2.9.0, < 2.9.4 | 2025-04-16
CVE-2024-52281 [HIGH] CWE-79: An Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field. This issue affects rancher: from 2.9.0 before 2.9.4.
CVE-2025-23391 | CRITICAL | CVSS 9.1 | Versions: ≥ 2.8.0, < 2.8.14; ≥ 2.9.0, < 2.9.8; +1 more | 2025-04-11
CVE-2025-23391 [CRITICAL] CWE-266: An Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4.
CVE-2025-23389 | HIGH | CVSS 8.4 | Versions: ≥ 2.8.0, < 2.8.13; ≥ 2.9.0, < 2.9.7; +1 more | 2025-04-11
CVE-2025-23389 [HIGH] CWE-284: An Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
CVE-2025-23388 | HIGH | CVSS 8.2 | Versions: ≥ 2.8.0, < 2.8.13; ≥ 2.9.0, < 2.9.7; +1 more | 2025-04-11
CVE-2025-23388 [HIGH] CWE-121: A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
CVE-2024-52280 | HIGH | CVSS 7.7 | Versions: fixed in 2175e09; fixed in 6e30359; +1 more | 2025-04-11
CVE-2024-52280 [HIGH] CWE-200: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allows users to watch resources they are not allowed to access, when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30359, before c744f0b.
CVE-2025-23387 | MEDIUM | CVSS 5.3 | Versions: ≥ 2.8.0, < 2.8.13; ≥ 2.9.0, < 2.9.7; +1 more | 2025-04-11
CVE-2025-23387 [MEDIUM] CWE-200: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowed unauthenticated users to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
CVE-2024-52282 | MEDIUM | CVSS 6.2 | Versions: ≥ 2.8.0, < 2.8.10; ≥ 2.9.0, < 2.9.4 | 2025-04-11
CVE-2024-52282 [MEDIUM] CWE-200: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allows any user with GET access to the Rancher Manager Apps Catalog to read any sensitive information contained within the Apps' values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. Th
CVE-2022-45157 | HIGH | CVSS 8.5 | Versions: ≥ 2.9.0, < 2.9.3; ≥ 2.7.0, < 2.8.9 | 2024-11-13
CVE-2022-45157 [HIGH] CWE-522: A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only app