CVE-2024-58267NVD

Vulnerability Summary

A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens.

Severity Level

HIGH(8.0)

Published Date

Oct 2, 2025

Last Modified

Oct 2, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-345: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityHigh

Privileges RequiredLow

User InteractionRequired

ScopeChanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58267
https://github.com/rancher/rancher/security/advisories/GHSA-v3vj-5868-2ch2

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2024-58267NVD

Vulnerability Summary

External References