CVE-2023-32196

A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.7 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32196
https://github.com/rancher/rancher/security/advisories/GHSA-64jq-m7rq-768h

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad por la cual las comprobaciones de escalada de privilegios no se aplican correctamente para los objetos RoleTemplate cuando external=true, lo que en escenarios específicos puede provocar una escalada de privilegios.

16 Oct 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-16 13:15

Updated : 2026-06-17 05:58

NVD link : CVE-2023-32196

Mitre link : CVE-2023-32196

CVE.ORG link : CVE-2023-32196

JSON object : View

Products Affected

No product.

CWE

CWE-269

Improper Privilege Management

{"id": "CVE-2023-32196", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2023-32196", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2024-10-16T15:55:33.639225Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "meissner@suse.de", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}], "cvssMetricV40": [{"type": "Secondary", "source": "meissner@suse.de", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "meissner@suse.de", "affectedData": [{"vendor": "SUSE", "product": "rancher", "versions": [{"status": "affected", "version": "2.7.0", "lessThan": "2.7.14", "versionType": "semver"}, {"status": "affected", "version": "2.8.0", "lessThan": "2.8.5", "versionType": "semver"}], "packageName": "github.com/rancher/rancher", "defaultStatus": "unaffected"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "affectedData": [{"cpes": ["cpe:2.3:a:rancher:rancher:*:*:*:*:*:*:*:*"], "vendor": "rancher", "product": "rancher", "versions": [{"status": "affected", "version": "2.7.0", "lessThan": "2.7.14", "versionType": "semver"}, {"status": "affected", "version": "2.8.0", "lessThan": "2.8.5", "versionType": "semver"}], "defaultStatus": "unknown"}]}], "published": "2024-10-16T13:15:13.060", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32196", "source": "meissner@suse.de"}, {"url": "https://github.com/rancher/rancher/security/advisories/GHSA-64jq-m7rq-768h", "source": "meissner@suse.de"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "meissner@suse.de", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad por la cual las comprobaciones de escalada de privilegios no se aplican correctamente para los objetos RoleTemplate cuando external=true, lo que en escenarios espec\u00edficos puede provocar una escalada de privilegios."}], "lastModified": "2026-06-17T05:58:17.630", "sourceIdentifier": "meissner@suse.de"}