5 matches found

NVD
added 3 days ago, 8 views

CVE-2026-44946

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertions, potentially allowing person-in-the-middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

CVSS 9.5, EPSS 0.00316
Exploits: 0, References: 1

Veracode
added 2025/11/12 5:10 a.m., 5 views

Phishing Attack

github.com/rancher/rancher is vulnerable to Phishing Attack. The vulnerability is due to a weakness in the custom SAML authentication protocol used by the Rancher CLI, which allows an attacker to steal authentication tokens through crafted phishing attempts...

CVSS 8, AI score 7.1, EPSS 0.00217
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2025/10/30 3:2 p.m., 4 views

GO-2025-4073 Rancher user retains access to clusters despite Global Role removal in github.com/rancher/rancher

Rancher user retains access to clusters despite Global Role removal in github.com/rancher/rancher...

CVSS 4.3, AI score 6.9, EPSS 0.00208
Exploits: 0, References: 2

OSV
added 2025/04/02 4:2 p.m., 8 views

GO-2025-3586 Rancher: Restricted Administrator can change Administrator's passwords in github.com/rancher/rancher

Rancher: Restricted Administrator can change Administrator's passwords in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVSS 9.1, AI score 7, EPSS 0.00433
Exploits: 0, References: 1

Veracode
added 2022/05/05 3:39 a.m., 29 views

Privilege Escalation

github.com/rancher/rancher is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation which allows an unauthorized user to log in with administrative privileges...

CVSS 7.2, AI score 4, EPSS 0.00842
Exploits: 0, References: 2, Affected Software: 1