SAML Authentication Vulnerability in Rancher Manager by Rancher
CVE-2024-58267

8 HIGH

Key Information:

Vendor: SUSE

Status
Vendor
CVE Published: 2 October 2025

What is CVE-2024-58267?

Rancher Manager contains a vulnerability in SAML authentication that involves the Rancher CLI tool. Malicious actors can exploit this flaw in phishing attacks aimed at obtaining Rancher's authentication tokens, potentially compromising user accounts. Users and administrators of Rancher Manager should address this vulnerability to safeguard their systems against unauthorized access.

Affected Version(s)

rancher 2.12.0 < 2.12.2

rancher 2.11.0 < 2.11.6

rancher 2.10.0 < 2.10.10

CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
