{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-58269", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "state": "PUBLISHED", "assignerShortName": "suse", "dateReserved": "2025-10-08T13:43:38.712Z", "datePublished": "2025-10-29T14:58:06.640Z", "dateUpdated": "2025-10-29T15:10:05.138Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "github.com/rancher/rancher", "product": "rancher", "vendor": "SUSE", "versions": [{"lessThan": "0.0.0-20251013203444-50dc516a19ea", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2025-10-24T13:24:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs."}], "value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-10-29T14:58:06.640Z"}, "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269"}, {"url": "https://github.com/rancher/rancher/security/advisories/GHSA-mw39-9qc2-f7mg"}], "source": {"discovery": "UNKNOWN"}, "title": "Rancher exposes sensitive information through audit logs", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-29T15:09:03.657329Z", "id": "CVE-2024-58269", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-29T15:10:05.138Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-58269", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-29T15:09:03.657329Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-29T15:09:24.121Z"}}], "cna": {"title": "Rancher exposes sensitive information through audit logs", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SUSE", "product": "rancher", "versions": [{"status": "affected", "version": "0", "lessThan": "0.0.0-20251013203444-50dc516a19ea", "versionType": "semver"}], "packageName": "github.com/rancher/rancher", "defaultStatus": "unaffected"}], "datePublic": "2025-10-24T13:24:00.000Z", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269"}, {"url": "https://github.com/rancher/rancher/security/advisories/GHSA-mw39-9qc2-f7mg"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-10-29T14:58:06.640Z"}}}, "cveMetadata": {"cveId": "CVE-2024-58269", "state": "PUBLISHED", "dateUpdated": "2025-10-29T15:10:05.138Z", "dateReserved": "2025-10-08T13:43:38.712Z", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "datePublished": "2025-10-29T14:58:06.640Z", "assignerShortName": "suse"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs."}], "id": "CVE-2024-58269", "lastModified": "2025-10-30T15:03:13.440", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2025-10-29T15:15:41.077", "references": [{"source": "meissner@suse.de", "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269"}, {"source": "meissner@suse.de", "url": "https://github.com/rancher/rancher/security/advisories/GHSA-mw39-9qc2-f7mg"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "meissner@suse.de", "type": "Primary"}]}

{}

{"created": "2025-10-30T14:38:20.156669+00:00", "updated": "2025-10-30T14:38:20.156705+00:00", "vendors": ["suse", "suse$PRODUCT$rancher"]}