NVD HIGH: CVE-2026-44946 — A SAML authentication replay vulnerability in Rancher's Assertion Consumer Serv...
Source: NIST NVD
Executive Summary
A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertions, potentially allowing person-in-the-middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,
Analysis
A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertions, potentially allowing person-in-the-middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3, CVSS Score: 7.4. Published: 2026-06-30T13:18:42.190.