SAML Authentication Vulnerability in Rancher Manager by Rancher
CVE-2024-58267

8HIGH

Key Information:

Vendor: Suse
Status: Rancher
Vendor: CVE Published:; 2 October 2025

What is CVE-2024-58267?

Rancher Manager has revealed a vulnerability tied to SAML authentication, specifically involving the Rancher CLI tool. This flaw can be exploited by malicious actors to execute phishing attacks aimed at obtaining Rancher’s authentication tokens, potentially compromising the security of user accounts. It is vital for users and administrators of Rancher Manager to address this vulnerability to safeguard their systems against unauthorized access.

Affected Version(s)

rancher 2.12.0 < 2.12.2

rancher 2.11.0 < 2.11.6

rancher 2.10.0 < 2.10.10

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58267

https://github.com/rancher/rancher/security/advisories/GH...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2025
Vulnerability Reserved
Sep 4, 2025

JSON

Suse

What is CVE-2024-58267?

Affected Version(s)

References

CVSS V3.1

Timeline