The issue has been rated High severity and was published under advisory GHSA-mc24-7m59-4q5p by samjustus last week.
The flaw affects Rancher Manager packages in the Go ecosystem, specifically within the GitHub repository github.com/rancher/rancher.
It occurs when a user logs into Rancher CLI using the command rancher login with the --skip-verify flag, but without the --cacert flag.
Under these conditions, the CLI attempts to fetch CA certificates from Rancher Manager’s internal settings (cacerts), bypassing crucial TLS validation.
This leaves the TLS handshake open to interception. A remote attacker who can position themselves between the Rancher CLI and Rancher Manager could perform a Man-in-the-Middle (MITM) attack, potentially capturing basic authentication headers and session tokens during login.
This exposure directly threatens the confidentiality and integrity of the environment, allowing threat actors unauthorized access to Rancher clusters.
The impact of this vulnerability is tied to improper validation of TLS certificates when connecting via Rancher CLI.
Because the --skip-verify flag disables server certificate verification and the CLI fetches trusted CA certificates from Rancher Manager automatically, an attacker could return a malicious CA they control to impersonate a trusted service.
Such an attack aligns with the MITRE ATT&CK technique T1557 (Man-in-the-Middle), enabling interception or modification of data during communication.
Compromise at this level could expose sensitive administrative credentials or allow manipulation of cluster configurations.
| Field | Details |
|---|---|
| CVE ID | CVE-2025-67601 |
| Advisory | GHSA-mc24-7m59-4q5p |
| Severity | High |
The Rancher development team has released patched versions that remove the automatic CA certificate fetching behavior for the login command. Going forward, administrators must explicitly supply CA certificates when connecting to Rancher Manager using self-signed certificates.
Patched Versions:
If upgrading is not immediately possible, users should always include the --cacert flag with a valid CA certificate when executing rancher login, especially in environments using self-signed CAs.
Security teams are urged to validate whether Rancher CLI connections occur over untrusted networks and to upgrade to the latest stable release as soon as possible.
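Why the source of the CA matters, as an added Go example (not Rancher's code): it models only the certificate check, comparing roots handed over by the peer itself with roots supplied by the operator, as --cacert does. The hostname, the throwaway CAs and the helper names `newPeer` and `Verify` are assumptions made for the illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const host = "rancher.example.test" // constructed hostname, not from the advisory

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newPeer builds a throwaway CA and a server certificate for host issued by it.
func newPeer(caName string) (leaf, ca *x509.Certificate) {
	now, caKey := time.Now(), must(rsa.GenerateKey(rand.Reader, 2048))
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: caName},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	ca = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), DNSNames: []string{host},
		NotBefore: caTmpl.NotBefore, NotAfter: caTmpl.NotAfter}
	leaf = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey))))
	return leaf, ca
}

// Verify is the decision a TLS client makes about a presented certificate, given one trusted root.
func Verify(leaf, root *x509.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err
}

func main() {
	opLeaf, opCA := newPeer("Operator CA")          // the CA the operator actually deployed
	otherLeaf, otherCA := newPeer("Unvetted CA")    // whoever else answered the connection
	fmt.Println("roots taken from the peer, unvetted peer:", Verify(otherLeaf, otherCA))
	fmt.Println("roots pinned by operator, unvetted peer: ", Verify(otherLeaf, opCA))
	fmt.Println("roots pinned by operator, genuine peer:  ", Verify(opLeaf, opCA))
}
```

A root obtained from the peer validates that same peer by construction, so the first check passes for any endpoint; only the operator-supplied root separates the genuine server from an unvetted one.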
The post Rancher Manager Security Bug Could Allow Attackers to Steal Admin Credentials appeared first on Cyber Security News.