CVE Catalog
CVE-2025-71261
HighCVSS 8.6Summary
An attacker with network-level access between SUSE Virtualization and Rancher Manager in SUSE Harvester before version 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control.
Risk Assessment
The ability to bypass TLS security poses a significant risk to the confidentiality and integrity of data transmitted between components.
Recommendation
It is recommended to upgrade SUSE Harvester to version 1.8.0 or later to mitigate this vulnerability.
Original NVD description (English source)
An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control.

