Description

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

INFO

Published Date :

2026-02-25T10:36:57.771Z

Last Modified :

2026-02-26T14:44:07.081Z

Source :

suse
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67601 vulnerability.

Vendors Products
Suse
  • Rancher
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67601.

URL Resource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67601 cve-icon cve-icon
https://github.com/rancher/rancher/security/advisories/GHSA-mc24-7m59-4q5p cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact