CVE-2025-23391 in Rancherinfo

Summary

by MITRE • 04/11/2025

A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

01/15/2025

Disclosure

04/11/2025

Moderation

accepted

Entry

VDB-302905

CPE

ready

CWE

CWE-266 (confirmed)

CVSS

4.7 (VulDB)

EPSS

0.00235

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-23391
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-23391
CVE Details	https://www.cvedetails.com/cve/CVE-2025-23391/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!