PT-2023-23657 · Neuvector · Neuvector

Dejan Zelic · Published 2023-10-06 · Updated 2024-10-16 · CVE-2023-32188

CVSS v4.0: 9.4 (Critical)

Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions: NeuVector versions prior to 5.2.2

Description: A user can reverse engineer the JSON Web Token (JWT) used to authenticate Manager and API access and forge a valid NeuVector token, allowing malicious actions in NeuVector that can potentially lead to Remote Code Execution (RCE).

Recommendations: For versions prior to 5.2.2, upgrade to NeuVector 5.2.2 or later and use the latest Helm chart (2.6.3+). As a temporary workaround, the Manager and Controller certificate can be replaced manually by following the instructions in the documentation. Upgrading to 5.2.2 and replacing the Manager/REST API certificate is still recommended, since the upgrade adds further security enhancements that help prevent exploitation and the resulting RCE.

Related Identifiers

CVE-2023-32188
GHSA-622H-H2P8-743X
GO-2024-3201

Affected Products

Neuvector