CVE-2023-32191: Why You Need to Patch Your Rancher Kubernetes Engine (RKE) NOW to Avoid Catastrophic Cloud Breaches!

Khaleel Khan
3 min read · Nov 9, 2024

When a new vulnerability appears with a CVSS score of 10, it’s a five-alarm fire for IT and security teams. This is the case with CVE-2023-32191, a critical vulnerability that affects Rancher Kubernetes Engine (RKE) users. If unaddressed, this flaw can give attackers administrative control over your entire Kubernetes cluster, potentially leading to a devastating breach.

In this article, we’ll dive into what CVE-2023-32191 is, why it’s so dangerous, and, most importantly, how you can patch your systems right away. Don’t wait until it’s too late: this vulnerability requires immediate attention.

Understanding CVE-2023-32191: What’s at Stake?

CVE-2023-32191 is a high-severity security flaw in Rancher Kubernetes Engine (RKE) that affects the way RKE stores cluster state information. To manage this state, RKE uses a ConfigMap called full-cluster-state in the kube-system namespace. However, this ConfigMap stores sensitive credentials, which makes it essentially an all-access pass for anyone who gains read access to it.

Here’s a list of what’s stored in this vulnerable ConfigMap:

  • SSH credentials to Kubernetes nodes
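
Because read access to this ConfigMap is what exposes the credentials, one useful check is to list which RBAC subjects already hold that access. The following is an added example, not code from the original article or from Rancher: it evaluates roles and bindings in the shape returned by `kubectl get clusterroles,roles,clusterrolebindings,rolebindings -A -o json` (the `items` list). The function names and the SAMPLE objects are constructed for illustration, and the check is simplified (aggregated ClusterRoles are not resolved).

```python
TARGET_NS, TARGET_NAME = "kube-system", "full-cluster-state"
READ_VERBS = {"get", "list", "watch", "*"}

def rule_grants_read(rule):
    """True if one RBAC rule allows reading the target ConfigMap."""
    names = rule.get("resourceNames") or []
    return (bool({"", "*"} & set(rule.get("apiGroups", [])))
            and bool({"configmaps", "*"} & set(rule.get("resources", [])))
            and bool(READ_VERBS & set(rule.get("verbs", [])))
            and (not names or TARGET_NAME in names))

def readers_of_cluster_state(objects):
    """Return sorted (subject, role) pairs that can read the ConfigMap."""
    roles = {}  # (kind, namespace or None, name) -> list of rules
    for o in objects:
        if o["kind"] in ("Role", "ClusterRole"):
            meta = o["metadata"]
            roles[(o["kind"], meta.get("namespace"), meta["name"])] = o.get("rules") or []
    found = set()
    for o in objects:
        if o["kind"] == "ClusterRoleBinding":
            ns = None                      # applies in every namespace
        elif o["kind"] == "RoleBinding" and o["metadata"].get("namespace") == TARGET_NS:
            ns = TARGET_NS                 # applies only inside kube-system
        else:
            continue                       # roles, or bindings in other namespaces
        ref = o["roleRef"]
        key = (ref["kind"], ns if ref["kind"] == "Role" else None, ref["name"])
        if any(rule_grants_read(r) for r in roles.get(key, [])):
            for s in o.get("subjects") or []:
                found.add((f'{s["kind"]}:{s.get("namespace", "")}/{s["name"]}', ref["name"]))
    return sorted(found)

# Constructed sample objects (not taken from a real cluster).
SAMPLE = [
    {"kind": "ClusterRole", "metadata": {"name": "view-all"}, "rules": [
        {"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "dns-reader", "namespace": "kube-system"}, "rules": [
        {"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"],
         "resourceNames": ["coredns"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "ci-view"},
     "roleRef": {"kind": "ClusterRole", "name": "view-all"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "ci", "name": "builder"}]},
    {"kind": "RoleBinding", "metadata": {"name": "dns", "namespace": "kube-system"},
     "roleRef": {"kind": "Role", "name": "dns-reader"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "RoleBinding", "metadata": {"name": "app-view", "namespace": "apps"},
     "roleRef": {"kind": "ClusterRole", "name": "view-all"},
     "subjects": [{"kind": "Group", "name": "devs"}]},
]

if __name__ == "__main__":
    for subject, role in readers_of_cluster_state(SAMPLE):
        print(f"{subject} can read {TARGET_NS}/{TARGET_NAME} via {role}")
```

In the sample, only the cluster-wide binding grants access: the kube-system Role is restricted by resourceNames to another ConfigMap, and the RoleBinding in the apps namespace does not reach kube-system.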
