CVE-2023-32186

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 19, 2023
Updated: Sep 22, 2023
CWE ID 770

Summary

CVE-2023-32186 is an Allocation of Resources Without Limits or Throttling vulnerability (CWE-770) in SUSE RKE2. Attackers who have access to the K3s server's apiserver/supervisor port (TCP 6443) can exploit this vulnerability to cause a denial of service. The affected versions of RKE2 range from 1.24.0 to 1.28.1+rke2r1. To remediate this vulnerability, users should update their RKE2 installations to version 1.24.17+rke2r1, 1.25.13+rke2r1, 1.26.8+rke2r1, 1.27.5+rke2r1, or 1.28.1+rke2r1, depending on the release line in use. The vulnerability is rated high because it can disrupt services and cause loss of availability on affected systems.
