How to fix CVE-2025-67601?

Within 24 hours: audit all Rancher CLI configurations to identify instances using -skip-verify flag without -cacert flag; notify teams of the vulnerability and halt non-critical Rancher CLI operations using this configuration. Within 7 days: implement mandatory use of -cacert flag in all CLI scripts and automation; document approved CA certificate paths for all environments. Within 30 days: conduct full inventory of Rancher deployments, migrate to vendor patch when available, and implement centralized CLI configuration management to prevent future misconfigurations.

Is Rancher affected by CVE-2025-67601?

Organizations using Rancher Manager with self-signed CA certificates face a vulnerability that could allow attackers to intercept or manipulate cluster management communications if the CLI login process is misconfigured.

CVE-2025-67601

HIGH

2026-02-25 [email protected]

GHSA-mc24-7m59-4q5p

8.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 25, 2026 - 11:16 nvd

HIGH 8.3

Description

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the -cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

Analysis

Technical Context

Classified as CWE-295 (Improper Certificate Validation). Affects Rancher. A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

Affected Products

Vendor: Suse. Product: Rancher.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +42

POC: 0

Vendor Status

CVE-2025-67601 vulnerability details – vuln.today

Back

CVE-2025-67601

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

CVE-2025-67601

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

External POC / Exploit Code