VYPR
High severity8.4OSV Advisory· Published Apr 11, 2025· Updated Apr 15, 2026

CVE-2025-23389

CVE-2025-23389

Description

A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/rancherGo
>= 2.8.0, < 2.8.132.8.13
github.com/rancher/rancherGo
>= 2.9.0, < 2.9.72.9.7
github.com/rancher/rancherGo
>= 2.10.0, < 2.10.32.10.3

Affected products

3

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.