{"vulnerability": "CVE-2025-23389", "sightings": [{"uuid": "10a22718-b6aa-4f7d-b0e2-3335ca749d37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljgyezbfo22j", "content": "", "creation_timestamp": "2025-03-03T03:16:45.298449Z"}, {"uuid": "2b56bba9-b3a5-4c92-b326-bdc7695d0226", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-23389", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljjozwbdj224", "content": "", "creation_timestamp": "2025-03-04T05:07:28.592195Z"}, {"uuid": "e7532f48-e7f5-4a5a-a69d-2ad352f47ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ljjnlyr6aq24", "content": "", "creation_timestamp": "2025-03-04T04:41:48.004590Z"}, {"uuid": "fdf2933f-bc48-4041-ba1b-a0f84decbfb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmjwkr7k4y2g", "content": "", "creation_timestamp": "2025-04-11T11:37:44.391397Z"}, {"uuid": "282457c3-acb5-4956-bac8-ecd9494ed9d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114319534961696220", "content": "", "creation_timestamp": "2025-04-11T13:21:10.867472Z"}, {"uuid": "54e751c2-3e92-4e3c-9f94-bbadad141004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114319644533856599", "content": "", "creation_timestamp": "2025-04-11T13:49:02.720191Z"}, {"uuid": "d886824e-c926-48a4-97d2-7f34f1201614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "https://t.me/cvedetector/22727", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23389 - SUSE Rancher SAML Impersonation Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23389 \nPublished : April 11, 2025, 11:15 a.m. | 18\u00a0minutes ago \nDescription : A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.  \nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T13:56:33.000000Z"}, {"uuid": "d3bed1d0-0bf7-4061-9fdb-a6f38e0f616d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "a5733213-7031-40de-8814-ec7fdbfb1f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23389", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11419", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23389\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L)\n\ud83d\udd39 Description: A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.\n\ud83d\udccf Published: 2025-04-11T10:46:43.655Z\n\ud83d\udccf Modified: 2025-04-11T10:46:43.655Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389\n2. https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4", "creation_timestamp": "2025-04-11T11:50:51.000000Z"}]}