Security Advisory

CVE-2025-54468

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-02 10:00:18

Last updated 2025-10-02 14:10:23

Assigner suse

State PUBLISHED

Description

A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information e.g. email addresses.

← Browse all CVEs View on cve.org ↗