Lucene search
K

4 matches found

OSV
OSV
added 2024/10/16 1:15 p.m.4 views

CVE-2023-32191

When RKE provisions a cluster, it stores the cluster state in a configmap called full-cluster-state inside the kube-system namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin...

9.9CVSS5.8AI score0.00641EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 7:59 p.m.19 views

GO-2024-2930 RKE credentials are stored in the RKE1 Cluster state ConfigMap in github.com/rancher/rke

When RKE provisions a cluster, it stores the cluster state in a configmap called "full-cluster-state" inside the "kube-system" namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include sensitive data...

9.9CVSS9.2AI score0.00641EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/16 12:0 a.m.5 views

PT-2024-4208 · Rancher · Rancher Kubernetes Engine +1

Name of the Vulnerable Software and Affected Versions: Rancher Kubernetes Engine RKE versions prior to 1.4.19 Rancher Kubernetes Engine RKE versions prior to 1.5.10 Rancher versions prior to 2.7.14 Rancher versions prior to 2.8.5 Description: The issue is related to the storage of cluster state i...

10CVSS7AI score0.00641EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2024/01/20 3:16 a.m.6 views

SUSE CVE-2023-32191

When RKE provisions a cluster, it stores the cluster state in a configmap called full-cluster-state inside the kube-system namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin...

9.9CVSS6.8AI score0.00641EPSS
Exploits0References5
Rows per page
Query Builder