github.com/rancher/rancher is vulnerable to man-in-the-middle attacks. A remote attacker is able to read and change network data because the network traffic in the cluster is sent unencrypted when it is created from an RKE template with the CNI value overridden.
bugzilla.suse.com/show_bug.cgi?id=1199443
github.com/rancher/rancher/commit/0f37c674860acbcc9428a61b7b7508262775b300
github.com/rancher/rancher/commit/a31f5b8613d994122d9a7460700b028e61970ab5
github.com/rancher/rancher/pull/37504
github.com/rancher/rancher/pull/37606
github.com/rancher/rancher/security/advisories/GHSA-vrph-m5jj-c46c