HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-44946 — A SAML authentication replay vulnerability in Rancher's Assertion Consumer Serv...

·Source: NIST NVD

Updated:

Executive Summary

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,

Analysis

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3, CVSS Score: 7.4. Published: 2026-06-30T13:18:42.190.

Indicators of Compromise (1)

CVE (1)
CVE-2026-44946
Source Attribution

Originally published by NIST NVD on Jun 30, 2026. Verified by: NIST.

Related Threats