Phishing Attack
github.com/rancher/rancher is vulnerable to a phishing attack. The vulnerability is due to a weakness in the custom SAML authentication protocol used by the Rancher CLI, which allows an attacker to steal authentication tokens through crafted phishing attempts...
GO-2025-4073 Rancher user retains access to clusters despite Global Role removal in github.com/rancher/rancher
GO-2025-3586 Rancher: Restricted Administrator can change Administrator's passwords in github.com/rancher/rancher
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
Privilege Escalation
github.com/rancher/rancher is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation which allows an unauthorized user to log in with administrative privileges...