Platform: kubernetes
Component: rancher
Fixed in: 2.7.14, 2.8.5
CVE-2023-32197 is a privilege escalation vulnerability in SUSE Rancher. An attacker can abuse improperly managed RoleTemplate objects, specifically ones with the external=true flag set, to gain elevated privileges within the Rancher environment. It affects the 2.7 line from 2.7.0 up to but not including 2.7.14 and the 2.8 line from 2.8.0 up to but not including 2.8.5; it is fixed in 2.7.14 and 2.8.5.
The flaw is in how Rancher handles RoleTemplate objects marked external=true. For such templates Rancher did not adequately enforce its access controls, so a user able to create or modify them could obtain roles and permissions beyond the scope intended for them. Successful exploitation could let an attacker perform actions they are not authorized to perform, such as modifying cluster configuration, accessing sensitive data, or taking control of a Kubernetes cluster managed by Rancher. The blast radius covers everything reachable by the escalated identity, which in a shared Rancher instance can span multiple tenants or applications.
This vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a lower probability of immediate widespread exploitation. However, the potential for privilege escalation warrants careful attention and prompt remediation. The vulnerability was publicly disclosed on 2025-04-16.
Organizations that rely heavily on Rancher for Kubernetes cluster management, particularly those using external RoleTemplate objects for access control, are at heightened risk. Multi-tenant Rancher installations are especially exposed, since a compromised RoleTemplate can affect every tenant of the shared instance.
• kubernetes / rancher: list the RoleTemplates with external=true in the Rancher local (management) cluster, with their context and whether they are built-in (RoleTemplate is cluster-scoped, so no namespace flag is needed):
kubectl get roletemplates.management.cattle.io -o custom-columns=NAME:.metadata.name,CONTEXT:.context,EXTERNAL:.external,BUILTIN:.builtin | awk 'NR==1 || $3=="true"'
• kubernetes / rancher: review Rancher's own logs for RoleTemplate activity (pod logs for a Kubernetes-hosted Rancher; journalctl -u rancher applies only if Rancher runs as a systemd unit on the host):
kubectl -n cattle-system logs deploy/rancher | grep -i roletemplate
• kubernetes / rancher: check for unusual role assignments by listing which users and groups are bound to which RoleTemplates, and compare the ROLE column against the external templates found above:
kubectl get clusterroletemplatebindings.management.cattle.io,projectroletemplatebindings.management.cattle.io -A -o custom-columns=KIND:.kind,NS:.metadata.namespace,NAME:.metadata.name,USER:.userName,GROUP:.groupPrincipalName,ROLE:.roleTemplateName
Exploit Status
EPSS: 0.02% (5th percentile)
The primary mitigation for CVE-2023-32197 is to upgrade Rancher to 2.7.14 or later on the 2.7 line, or 2.8.5 or later on the 2.8 line. If an immediate upgrade is not feasible, restrict the ability to create or modify RoleTemplate objects with external=true to trusted administrators only. Implement strict role-based access control (RBAC) policies within Rancher to limit the impact of a successful exploit, and audit RoleTemplate configurations regularly to identify and remediate misconfigurations. After upgrading, verify the fix by attempting, as a non-administrative user, to create or modify an external RoleTemplate object and confirming that the operation is refused.
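The audit step above is easier to do reliably with a script than with grep, because a binding can grant an external RoleTemplate indirectly, through a template that inherits from it via roleTemplateNames. The following is an added example written for this advisory, not code from the Rancher project. It assumes the documented shape of Rancher's management.cattle.io objects (RoleTemplate with top-level external, builtin, context and roleTemplateNames fields; ClusterRoleTemplateBinding and ProjectRoleTemplateBinding with roleTemplateName, userName or groupPrincipalName, and clusterName or projectName), and the object names in the sample data are constructed, not real Rancher objects.

```python
"""Audit Rancher RoleTemplates with external=true and find who is bound to them.

Added example for this advisory, not code from the Rancher project. Assumes the
documented shape of Rancher's management.cattle.io objects:
  RoleTemplate (cluster-scoped): top-level `external`, `builtin`, `context`,
    `roleTemplateNames` (templates this one inherits from)
  ClusterRoleTemplateBinding / ProjectRoleTemplateBinding: `roleTemplateName`,
    `userName` or `groupPrincipalName`, and `clusterName` or `projectName`
Real input comes from, run against the Rancher local (management) cluster:
  kubectl get roletemplates.management.cattle.io -o json
  kubectl get clusterroletemplatebindings.management.cattle.io,projectroletemplatebindings.management.cattle.io -A -o json
"""
import json
from typing import Dict, List, Set


def external_closure(templates: List[dict]) -> Dict[str, Set[str]]:
    """For every RoleTemplate name, the set of external RoleTemplates it grants:
    itself if external=true, plus any reached through roleTemplateNames
    (followed transitively; cycles and dangling references are ignored)."""
    by_name = {t["metadata"]["name"]: t for t in templates}

    def resolve(name: str, path: Set[str]) -> Set[str]:
        tmpl = by_name.get(name)
        if tmpl is None or name in path:        # dangling reference or cycle
            return set()
        granted = {name} if tmpl.get("external") else set()
        for parent in tmpl.get("roleTemplateNames") or []:
            granted |= resolve(parent, path | {name})
        return granted

    return {name: resolve(name, set()) for name in by_name}


def audit(templates: List[dict], bindings: List[dict]) -> List[dict]:
    """One finding per binding that grants an external RoleTemplate, directly or
    by inheritance. Non-builtin external templates are listed separately: those
    are the user-created objects an attacker would have created or modified."""
    by_name = {t["metadata"]["name"]: t for t in templates}
    closure = external_closure(templates)
    findings = []
    for b in bindings:
        role = b.get("roleTemplateName", "")
        granted = closure.get(role, set())
        if not granted:
            continue
        findings.append({
            "kind": b.get("kind"),
            "binding": b["metadata"]["name"],
            "scope": b.get("clusterName") or b.get("projectName"),
            "subject": b.get("userName") or b.get("groupPrincipalName"),
            "roleTemplate": role,
            "external": sorted(granted),
            "customExternal": sorted(n for n in granted if not by_name[n].get("builtin")),
        })
    return findings


def load_items(text: str) -> List[dict]:
    """Unwrap the `items` array of a `kubectl ... -o json` List."""
    return json.loads(text).get("items", [])


# Constructed sample data with hypothetical names (not real Rancher objects).
SAMPLE_TEMPLATES = [
    {"metadata": {"name": "builtin-ext"}, "context": "cluster", "external": True, "builtin": True},
    {"metadata": {"name": "custom-ext"}, "context": "cluster", "external": True},
    {"metadata": {"name": "inherits-custom"}, "context": "cluster", "roleTemplateNames": ["custom-ext"]},
    {"metadata": {"name": "plain-role"}, "context": "project",
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get"]}]},
]
SAMPLE_BINDINGS = [
    {"kind": "ClusterRoleTemplateBinding", "metadata": {"name": "crtb-1"}, "clusterName": "c-aaaaa",
     "userName": "u-alice", "roleTemplateName": "inherits-custom"},
    {"kind": "ClusterRoleTemplateBinding", "metadata": {"name": "crtb-2"}, "clusterName": "c-aaaaa",
     "groupPrincipalName": "ldap_group://ops", "roleTemplateName": "builtin-ext"},
    {"kind": "ProjectRoleTemplateBinding", "metadata": {"name": "prtb-1"}, "projectName": "c-aaaaa:p-bbbbb",
     "userName": "u-bob", "roleTemplateName": "plain-role"},
]

if __name__ == "__main__":
    # crtb-1 is flagged although its template is not itself external: it inherits custom-ext.
    for finding in audit(SAMPLE_TEMPLATES, SAMPLE_BINDINGS):
        print(json.dumps(finding))
```

On a live system, replace the sample lists with load_items() over the two kubectl outputs; the findings with a non-empty customExternal list are the ones to review first, and the same run after the upgrade gives a baseline to compare against when verifying that no unexpected external templates remain bound.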
Upgrade Rancher to version 2.7.14 or later, or to version 2.8.5 or later, as applicable. This fixes the privilege escalation vulnerability related to external RoleTemplates.
CVE-2023-32197 is a vulnerability in SUSE Rancher allowing privilege escalation through improperly managed RoleTemplate objects when external=true is set. It affects the 2.7 line before 2.7.14 and the 2.8 line before 2.8.5 and is rated MEDIUM severity.
You are affected if you are running Rancher 2.7.0 through 2.7.13 or 2.8.0 through 2.8.4, particularly if RoleTemplate objects with external=true are in use or users other than administrators can create or modify RoleTemplates.
Upgrade Rancher to 2.7.14 or later (2.7 line) or 2.8.5 or later (2.8 line). As a temporary workaround, restrict who can create or modify RoleTemplate objects with external=true.
There are no widespread reports of active exploitation at this time, but the potential for privilege escalation warrants prompt remediation.
Refer to the SUSE Security Advisory for detailed information and updates: [https://www.suse.com/security/cve/CVE-2023-32197/](https://www.suse.com/security/cve/CVE-2023-32197/)