CNNVD-202510-349 Information

CNNVD ID

CNNVD-202510-349

Related CVE

CVE-2024-58267

• CNNVD Published: 2025-10-02

Description (Chinese)

Rancher是美国Rancher开源的一个开源容器管理平台，专为在生产环境中部署容器的组织而构建。 Rancher存在数据伪造问题漏洞，该漏洞源于SAML身份验证协议存在缺陷，可能导致钓鱼攻击和身份验证令牌窃取。

Description (English)

Rancher, an open-source container management platform at Rancher Open Source, United States, was built specifically for the organization that deployed containers in the production environment. Rancher has a data-falsification loophole, which stems from the defects in the SAML identification protocol, which may lead to fishing attacks and the theft of identification badges.

Hazard Level

Medium

Vulnerability Type

数据伪造问题

Affected Vendor

Rancher

Published

2025-10-02

Last Modified

2026-02-24

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58267 https://github.com/rancher/rancher/security/advisories/GHSA-v3vj-5868-2ch2

Patch

https://www.rancher.com/