CVE-2021-32001 K3s/RKE2 bootstrap data is encrypted with empty string if user does not supply a token
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material cluster certificate authority private keys, secrets encryption configuration passphrase, etc. and decrypt it, without having to know the...