A vulnerability classified as problematic was found in SUSE Rancher up to 2.11.14/2.12.10/2.13.6/2.14.2. This affects an unknown function of the component Assertion Consumer Service. Such manipulation leads to authentication bypass by capture-replay.
This vulnerability is uniquely identified as CVE-2026-44946. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.