CVE-2024-58259
vulnerability analysis and mitigation

Overview

A high-severity vulnerability (CVE-2024-58259) has been identified in Rancher Manager, affecting the 2.9, 2.10, 2.11 and 2.12 release lines prior to the patched releases. The vulnerability stems from the lack of request body size limits on certain public and authenticated API endpoints. The flaw was disclosed in September 2025 and affects the Rancher container management platform, which is widely used to manage Kubernetes clusters in production environments (Security Online, GitHub Advisory).

Technical details

The vulnerability carries a CVSS v3.1 base score of 8.2 (High), with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H. The PR:N component is the important one: the unauthenticated /v3-public/* endpoints are affected alongside several authenticated APIs, so no credentials are needed to reach the vulnerable code. Because the server reads the entire request body into memory before processing it, a client that sends an arbitrarily large payload forces the Rancher process to allocate memory in proportion to the payload, leading to resource exhaustion (GitHub Advisory).

Impact

The primary impact of this vulnerability is Denial of Service (DoS): when memory consumption exceeds available resources, the Rancher server process may crash or become unresponsive. Because Rancher is the management plane for its downstream clusters, an outage disrupts both administrative and user operations across the managed Kubernetes clusters, even though the clusters' own workloads keep running. The attack surface is broad because it spans both unauthenticated and authenticated API endpoints (Security Online, GitHub Advisory).

Mitigation and workarounds

SUSE has released patched versions, Rancher v2.12.1, v2.11.5, v2.10.9 and v2.9.12, which enforce a default limit of 1 MiB on request body sizes. Users who cannot upgrade immediately can enforce a request body size limit in front of Rancher instead, for example with the nginx-ingress controller (in ingress-nginx this is the nginx.ingress.kubernetes.io/proxy-body-size annotation on the Rancher Ingress). The limit is only effective if all client traffic is forced through that ingress: any path that reaches the Rancher service directly, such as a NodePort or an in-cluster ClusterIP, bypasses it (GitHub Advisory).
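The pattern behind the bug described under Technical details, and the shape of the fix described above, as an added Go example that is not Rancher's own code: vulnerableHandler reads the request body with no cap, the way the advisory describes; limitBody wraps any handler in http.MaxBytesReader with the same 1 MiB default the patched releases apply, and hardenedHandler turns the resulting *http.MaxBytesError into a 413 instead of a generic error. The request path, the 4 MiB payload and the helper names are constructed for this demonstration.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// maxBodyBytes mirrors the 1 MiB default applied by the patched Rancher releases.
const maxBodyBytes = 1 << 20

// vulnerableHandler reads the whole request body into memory with no cap.
// A client streaming a multi-gigabyte body makes the server allocate that much
// memory before any validation can reject the request.
func vulnerableHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body) // unbounded allocation
	if err != nil {
		http.Error(w, "read error", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "received %d bytes\n", len(body))
}

// limitBody is middleware that caps the body of every request at maxBodyBytes.
// Once the limit is crossed, reads fail with *http.MaxBytesError and the
// server stops consuming the stream, so memory use stays bounded.
func limitBody(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)
		next.ServeHTTP(w, r)
	})
}

// hardenedHandler is the same handler, but it recognises the over-limit error
// and answers 413 Request Entity Too Large rather than a generic 400.
func hardenedHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body)
	if err != nil {
		var tooLarge *http.MaxBytesError
		if errors.As(err, &tooLarge) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "read error", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "received %d bytes\n", len(body))
}

// countingReader records how many bytes the handler actually pulled from the
// client, which is what matters for memory exhaustion.
type countingReader struct {
	r io.Reader
	n int64
}

func (c *countingReader) Read(p []byte) (int, error) {
	n, err := c.r.Read(p)
	c.n += int64(n)
	return n, err
}

// send POSTs a constructed body of n zero bytes to h in-process and returns
// the status code and the number of body bytes the handler consumed.
// The path is a placeholder under the unauthenticated prefix the advisory names.
func send(h http.Handler, n int) (status int, consumed int64) {
	body := &countingReader{r: bytes.NewReader(make([]byte, n))}
	req := httptest.NewRequest(http.MethodPost, "/v3-public/example", body)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, body.n
}

func main() {
	big := 4 * maxBodyBytes // 4 MiB constructed payload, well over the limit
	code, got := send(http.HandlerFunc(vulnerableHandler), big)
	fmt.Printf("vulnerable: status=%d consumed=%d bytes\n", code, got)
	code, got = send(limitBody(http.HandlerFunc(hardenedHandler)), big)
	fmt.Printf("hardened:   status=%d consumed=%d bytes\n", code, got)
}
```

The unwrapped handler accepts the whole 4 MiB and returns 200; the wrapped one stops reading one byte past the 1 MiB limit and returns 413. Applying the limit as middleware in front of every route, rather than inside individual handlers, is what closes the gap for endpoints nobody remembered to cap, which is the same reason the ingress-level workaround above works only when all traffic is forced through the ingress.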

Community reactions

The SUSE Rancher Security Team has issued a security advisory for this high-severity vulnerability, emphasizing its potential impact on enterprise operations. The issue has drawn attention because of its high CVSS score, the fact that it is reachable without authentication, and the widespread use of Rancher across cloud and on-premises environments (Security Online).

Source: This report was generated using AI.
