CVSS 3.1 Score 7.5 of 10 (high)


Published Sep 19, 2023
Updated: Sep 22, 2023
CWE ID 770


CVE-2023-32186 is a vulnerability classified as Allocation of Resources Without Limits or Throttling in SUSE RKE2. Attackers who have access to the K3s servers apiserver/supervisor port (TCP 6443) can exploit this vulnerability to cause a denial of service. The affected versions of RKE2 range from 1.24.0 to 1.28.1+rke2r1. To remediate this vulnerability, users should update their RKE2 installations to versions 1.24.17+rke2r1, 1.25.13+rke2r1, 1.26.8+rke2r1, 1.27.5+rke2r1, or 1.28.1+rke2r1 depending on the specific version being used. This vulnerability poses a high danger to organizations as it can result in disrupted services and potential loss of availability for affected systems.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-32186 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options