CVE-2025-71261: Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS

📋 Vulnerability Details

🔬 Technical Analysis

#

Impact A vulnerability has been identified in the [SUSE Virtualization (Harvester) Rancher integration mechanism](https://docs.harvesterhci.io/v1.7/rancher/rancher-integration) where by default the registration client uses an insecure TLS option that fails to verify the remote server’s certificate. This security gap could allow the execution of a man-in-the-middle (MitM) attack against SUSE Virtualization. An attacker with network-level access between the SUSE Virtualization and Rancher Manager could interfere with the TLS handshake and abuse it to bypass TLS as a security control. The registration client could be misled to send cluster registration requests to an impersonated remote service. Additionally, because the system processes response payloads without performing size validatio

🎯 Known Indicators of Compromise

📚 Advisory References

• https://github.com/advisories/GHSA-pgh9-mpwc-8jjf
• https://github.com/harvester/harvester/security/advisories/GHSA-pgh9-mpwc-8jjf
• https://github.com/advisories/GHSA-pgh9-mpwc-8jjf

🔗 Related Intelligence

• 📊 CYBERDUDEBIVASH SENTINEL APEX Intelligence Feed
• 🛡️ Detection Rules Marketplace
• 🔌 Threat Intelligence API
• 🏢 Enterprise Advisory
• 📧 Free IOC Pack Download
• 💳 API Pricing & Plans