Security Advisory

CVE-2023-32191

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-16 12:17:02

Last updated 2024-10-16 15:58:10

Assigner suse

State PUBLISHED

Description

When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin.

← Browse all CVEs View on cve.org ↗