CVE-2023-32186

CVSS V2 None CVSS V3 None
Description
A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects RKE2: from 1.24.0 before 1.24.17+rke2r1, from v1.25.0 before v1.25.13+rke2r1, from v1.26.0 before v1.26.8+rke2r1, from v1.27.0 before v1.27.5+rke2r1, from v1.28.0 before v1.28.1+rke2r1.
Overview
  • CVE ID
  • CVE-2023-32186
  • Assigner
  • suse
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-09-19T09:32:49.121Z
  • Last Modified Date
  • 2023-09-19T09:32:49.121Z
Weakness Enumerations
CWE URL
CWE-770 http://cwe.mitre.org/data/definitions/770.html
References
Reference URL Reference Tags
https://github.com/rancher/rke2/security/advisories/GHSA-p45j-vfv5-wprq
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32186
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-32186
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32186
History
Created Old Value New Value Data Type Notes
2024-06-25 11:37:09 Added to TrackCVE