vulnerability

SUSE: CVE-2025-23387: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Feb 27, 2025	Dec 5, 2025	Dec 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Feb 27, 2025

Added

Dec 5, 2025

Modified

Dec 5, 2025

Description

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowed unauthenticated users to list all CLI authentication tokens and delete them before the CLI is able to get the token value.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.

Solution

suse-upgrade-govulncheck-vulndb

References

CVE-2025-23387
https://attackerkb.com/topics/CVE-2025-23387
CWE-200

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today