CVE-2025-62879

🗓️ 04 Mar 2026 15:08:11Reported by suseType

CVE-2025-62879 exposes S3 access and secret keys in Rancher Backup Operator pod logs.

Reporter	Title	Published	Views	Family All 129
ATTACKERKB	CVE-2025-62879	4 Mar 202615:08	–	attackerkb
Chainguard	CVE-2025-62879 vulnerabilities	23 Jun 202608:16	–	cgr
Circl	CVE-2025-62879	4 Mar 202615:52	–	circl
CNNVD	Backup and Restore Operator 日志信息泄露漏洞	4 Mar 202600:00	–	cnnvd
Cvelist	CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens	4 Mar 202615:08	–	cvelist
Github Security Blog	Rancher Backup Operator pod's logs leak S3 tokens	3 Mar 202616:44	–	github
NVD	CVE-2025-62879	4 Mar 202616:16	–	nvd
OSV	CGA-XCGH-MVRX-46CR	19 Jun 202610:39	–	osv
OSV	CVE-2025-62879	4 Mar 202616:16	–	osv
OSV	GHSA-WJ3P-5H3X-C74Q Rancher Backup Operator pod's logs leak S3 tokens	3 Mar 202616:44	–	osv

NVD

Node

suse rancher_backup_and_restore_operatorRange6.0.0–6.0.3

suse rancher_backup_and_restore_operatorRange7.0.0–7.0.5

suse rancher_backup_and_restore_operatorRange8.0.0–8.1.2

suse rancher_backup_and_restore_operatorRange9.0.0–9.0.1

[
  {
    "defaultStatus": "unaffected",
    "packageName": "github.com/rancher/backup-restore-operator",
    "product": "Rancher",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "9.0.1",
        "status": "affected",
        "version": "9.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "8.1.2",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "7.0.5",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.0.3",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
github	www.github.com/advisories/GHSA-wj3p-5h3x-c74q
bugzilla	www.bugzilla.suse.com/show_bug.cgi

17 Jun 2026 09:52Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.14.9 - 6.8

EPSS0.0034

SSVC

CWE-532