CRITICAL🇵🇱 Wersja polska

CVE-2023-32191

CVSS 9.9v3.1pub. 2024-10-16upd. 2026-04-15

When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin.

🤖 AI Analysis
How it works

During cluster provisioning by RKE, the tool saves the complete cluster state in a configmap named `full-cluster-state` in the `kube-system` namespace. This configmap contains sensitive configuration information which — according to CWE-922 — is stored in an unsecured location. An unprivileged cluster user with read access to this resource can extract the contained data and use it to escalate their permissions to administrator level.

Impact

An attacker with a standard account in the cluster can perform privilege escalation to the administrator role, gaining full control over the Kubernetes cluster, including access to all data and the ability to modify cluster resources.

Mitigation & patch

Security patches available from the vendor should be applied according to references — details in the SUSE Bugzilla message and official security advisory in the rancher/rke repository on GitHub (GHSA-6gr4-52w6-vmqx).

Who is affected

Kubernetes clusters provisioned using the RKE (Rancher Kubernetes Engine) tool; detailed information on affected versions is available in vendor references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References