capsule-proxy privilege escalation vulnerability in versions prior to 0.4.6 allows unauthenticated access to the Kubernetes API Serve
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
Cvelist | CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy | 24 Nov 202317:12 | – | cvelist |
Prion | Privilege escalation | 24 Nov 202318:15 | – | prion |
NVD | CVE-2023-48312 | 24 Nov 202318:15 | – | nvd |
Veracode | Improper Authentication | 27 Nov 202307:18 | – | veracode |
OSV | Capsule Proxy Authentication bypass using an empty token | 24 Nov 202316:53 | – | osv |
OSV | CVE-2023-48312 | 24 Nov 202318:15 | – | osv |
OSV | Capsule Proxy Authentication bypass using an empty token in github.com/projectcapsule/capsule-proxy | 21 Aug 202414:30 | – | osv |
Github Security Blog | Capsule Proxy Authentication bypass using an empty token | 24 Nov 202316:53 | – | github |
[
{
"vendor": "projectcapsule",
"product": "capsule-proxy",
"versions": [
{
"version": "< 0.4.6",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo