{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2024-22032","title":"Title"},{"category":"description","text":"A vulnerability has been identified in which an RKE1 cluster keeps \nconstantly reconciling when secrets encryption configuration is enabled.\n When reconciling, the Kube API secret values are written in plaintext \non the AppliedSpec. Cluster owners, Cluster members, and Project members\n (for projects within the cluster), all have RBAC permissions to view \nthe cluster object from the apiserver.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2024-22032","url":"https://www.suse.com/security/cve/CVE-2024-22032"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1224078 for CVE-2024-22032","url":"https://bugzilla.suse.com/1224078"},{"category":"external","summary":"Advisory link for GHSA-q6c7-56cq-g2wm","url":"https://github.com/rancher/rancher/security/advisories/GHSA-q6c7-56cq-g2wm"}],"title":"SUSE CVE CVE-2024-22032","tracking":{"current_release_date":"2025-02-16T05:22:06Z","generator":{"date":"2024-06-18T02:53:41Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2024-22032","initial_release_date":"2024-06-18T02:53:41Z","revision_history":[{"date":"2024-06-18T02:53:41Z","number":"2","summary":"Current version"},{"date":"2024-10-17T03:09:21Z","number":"3","summary":"Current version"},{"date":"2025-01-01T01:30:40Z","number":"4","summary":"Current version"},{"date":"2025-01-08T00:27:14Z","number":"5","summary":"Current version"},{"date":"2025-02-14T05:29:07Z","number":"6","summary":"Current version"},{"date":"2025-02-16T05:22:06Z","number":"7","summary":"Current version"}],"status":"interim","version":"7"}}}