CVE-2023-32191

Published: 2024-10-16T13:15Z

Last Modified: 2024-10-16T16:38Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt