CVE-2025-67601 (GCVE-0-2025-67601)

Vulnerability from cvelistv5 – Published: 2026-02-25 10:36 – Updated: 2026-02-25 10:36
VLAI?
Title
Rancher CLI skips TLS verification on Rancher CLI login command
Summary
A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.
Severity ?
8.3 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
SUSE rancher Affected: 0 , < 0.0.0-20260129092249-bb0625fd1896 (semver)
Affected: 2.13.0 , < 2.13.2 (semver)
Affected: 2.12.0 , < 2.12.6 (semver)
Affected: 2.11.0 , < 2.11.10 (semver)
Affected: 2.10.0 , < 2.10.11 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "github.com/rancher/rancher",
          "product": "rancher",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.0.0-20260129092249-bb0625fd1896",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.13.2",
              "status": "affected",
              "version": "2.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.12.6",
              "status": "affected",
              "version": "2.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.11.10",
              "status": "affected",
              "version": "2.11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.10.11",
              "status": "affected",
              "version": "2.10.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-02-01T16:58:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the \u003c/span\u003e\u003ccode\u003e-skip-verify\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;flag to the Rancher CLI login command without also passing the \u003c/span\u003e\u003ccode\u003e\u2013cacert\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;flag results in the CLI attempting to fetch CA certificates stored in Rancher\u2019s setting cacerts. \u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify\u00a0flag to the Rancher CLI login command without also passing the \u2013cacert\u00a0flag results in the CLI attempting to fetch CA certificates stored in Rancher\u2019s setting cacerts."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295: Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T10:36:57.771Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67601"
        },
        {
          "url": "https://github.com/rancher/rancher/security/advisories/GHSA-mc24-7m59-4q5p"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rancher CLI skips TLS verification on Rancher CLI login command",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2025-67601",
    "datePublished": "2026-02-25T10:36:57.771Z",
    "dateReserved": "2025-12-09T14:05:21.453Z",
    "dateUpdated": "2026-02-25T10:36:57.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-67601\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2026-02-25T11:16:02.643\",\"lastModified\":\"2026-02-25T14:15:29.980\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify\u00a0flag to the Rancher CLI login command without also passing the \u2013cacert\u00a0flag results in the CLI attempting to fetch CA certificates stored in Rancher\u2019s setting cacerts.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67601\",\"source\":\"meissner@suse.de\"},{\"url\":\"https://github.com/rancher/rancher/security/advisories/GHSA-mc24-7m59-4q5p\",\"source\":\"meissner@suse.de\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.