CVE-2023-32193 – Norman API Cross-site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2023-32193
A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. Se ha identificado una vulnerabilidad en la que se pueden explotar cross-site scripting (XSS) no autenticadas en el endpoint de la API pública de Norman. Esto puede llevar a que un atacante aproveche la vulnerabilidad para activar código JavaScript y ejecutar comandos de forma remota. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32193 https://github.com/rancher/norman/security/advisories/GHSA-r8f4-hv23-6qp6 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2023-32192 – Rancher API Server Cross-site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2023-32192
A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server's public API endpoint can be exploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser Se ha identificado una vulnerabilidad en la que se pueden explotar cross-site scripting (XSS) no autenticadas en el endpoint de la API pública del servidor API, lo que permite a un atacante ejecutar código JavaScript arbitrario en el navegador de la víctima. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32192 https://github.com/rancher/apiserver/security/advisories/GHSA-833m-37f7-jq55 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2023-32191 – rke's credentials are stored in the RKE1 Cluster state ConfigMap
https://notcve.org/view.php?id=CVE-2023-32191
When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. Cuando RKE aprovisiona un clúster, almacena el estado del clúster en un mapa de configuración llamado `full-cluster-state` dentro del espacio de nombres `kube-system` del propio clúster. La información disponible allí permite que los usuarios que no son administradores escalen a administradores. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32191 https://github.com/rancher/rke/security/advisories/GHSA-6gr4-52w6-vmqx • CWE-922: Insecure Storage of Sensitive Information •
CVE-2023-32188 – JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2023-32188
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE. Un usuario puede aplicar ingeniería inversa al token JWT (JSON Web Token) utilizado en la autenticación para el acceso a la API y al administrador, falsificando un token NeuVector válido para realizar una actividad maliciosa en NeuVector. Esto puede dar lugar a una RCE. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188 https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x • CWE-1270: Generation of Incorrect Security Tokens •
CVE-2023-22650 – Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
https://notcve.org/view.php?id=CVE-2023-22650
A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which may leave the user’s tokens still usable. Se ha identificado una vulnerabilidad en la que Rancher no limpia automáticamente a un usuario que ha sido eliminado del proveedor de autenticación (AP) configurado. Esta característica también se aplica a los usuarios deshabilitados o revocados; Rancher no reflejará estas modificaciones, lo que puede dejar los tokens del usuario aún utilizables. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22650 https://github.com/rancher/rancher/security/advisories/GHSA-9ghh-mmcq-8phc • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •