FKIE_CVE-2025-67601

Vulnerability from fkie_nvd - Published: 2026-02-25 11:16 - Updated: 2026-03-03 16:26
Summary
A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s cacerts setting.
Impacted products
Vendor Product Version
suse rancher *
suse rancher *
suse rancher *
suse rancher *

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8434BB27-8099-4685-9FE5-C3E4FF565E79",
              "versionEndExcluding": "2.10.11",
              "versionStartIncluding": "2.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B7549C0-3315-469C-A43F-E8B7095E570D",
              "versionEndExcluding": "2.11.10",
              "versionStartIncluding": "2.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C70333-B5C6-4DAB-92B0-0FA49ED9CBE7",
              "versionEndExcluding": "2.12.6",
              "versionStartIncluding": "2.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDEACDC9-6A42-488C-AD8B-46E1B26CA943",
              "versionEndExcluding": "2.13.2",
              "versionStartIncluding": "2.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify\u00a0flag to the Rancher CLI login command without also passing the \u2013cacert\u00a0flag results in the CLI attempting to fetch CA certificates stored in Rancher\u2019s setting cacerts."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad ha sido identificada dentro de Rancher Manager, donde el uso de certificados CA autofirmados y pasar la bandera -skip-verify al comando de inicio de sesi\u00f3n de Rancher CLI sin pasar tambi\u00e9n la bandera \u2013cacert resulta en que la CLI intenta obtener certificados CA almacenados en la configuraci\u00f3n \u0027cacerts\u0027 de Rancher."
    }
  ],
  "id": "CVE-2025-67601",
  "lastModified": "2026-03-03T16:26:32.240",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 6.0,
        "source": "meissner@suse.de",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-02-25T11:16:02.643",
  "references": [
    {
      "source": "meissner@suse.de",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67601"
    },
    {
      "source": "meissner@suse.de",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-mc24-7m59-4q5p"
    }
  ],
  "sourceIdentifier": "meissner@suse.de",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "meissner@suse.de",
      "type": "Primary"
    }
  ]
}

