CVE-2021-32001 vulnerability in SUSE Products
Published on July 28, 2021
K3s/RKE2 bootstrap data is encrypted with empty string if user does not supply a token
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions.
Vulnerability Analysis
CVE-2021-32001 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. An exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity or availability.
Weakness Type
Missing Encryption of Sensitive Data
The software does not encrypt sensitive or critical information before storage or transmission. The lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.
Products Associated with CVE-2021-32001
- SUSE Rancher K3s
- SUSE Rancher RKE2
Affected Versions
SUSE Rancher:
- K3s: versions <= v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 are affected.
- RKE2: versions <= v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 are affected.