cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-32191,https://securityvulnerability.io/vulnerability/CVE-2023-32191,Non-admin users can escalate to admin rights via configmap,"A security vulnerability exists within Rancher's RKE where sensitive cluster state information is stored in a configmap named `full-cluster-state` within the `kube-system` namespace. This misconfiguration enables non-admin users to gain elevated privileges by exploiting the accessible data. As a result, unauthorized users could potentially alter critical configurations or gain administrative control over the Kubernetes cluster. Securing access to the cluster's configmap is essential to ensure that only authorized personnel can interact with these sensitive settings and to safeguard the overall integrity of the RKE deployment.",Suse,Rke,9.9,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-10-16T12:17:02.324Z,0