Home

Description

A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any entity with access to Rancher audit logs.

PUBLISHED Reserved 2025-10-08 | Published 2025-10-29 | Updated 2025-10-29 | Assigner suse




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-532: Insertion of Sensitive Information into Log File

Product status

Default status
unaffected

Any version before 0.0.0-20251013203444-50dc516a19ea
affected

References

bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269

github.com/...ancher/security/advisories/GHSA-mw39-9qc2-f7mg

cve.org (CVE-2024-58269)

nvd.nist.gov (CVE-2024-58269)

Download JSON