Vulnerability DatabaseCVE-2024-58269
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2024-58269
October 29, 2025
A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any entity with access to Rancher audit logs.
Affected Packages
https://github.com/rancher/rancher.git (GITHUB):
Affected version(s) >=v2.9.0 <v2.12.3
Fix Suggestion:
Update to version v2.12.3
Related ResourcesĀ (6)
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269
https://github.com/rancher/rancher
https://github.com/rancher/rancher/commit/50dc516a19ea216e270f738912dc8d0c9ca99d5d
https://nvd.nist.gov/vuln/detail/CVE-2024-58269
https://github.com/rancher/rancher/security/advisories/GHSA-mw39-9qc2-f7mg
https://github.com/rancher/rancher/commit/26ad9216e94f77b5471f638256a6989030572adc
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE
Weakness Type (CWE)
Insertion of Sensitive Information into Log File
CWE-532
EPSS
Base Score:
0.01