Improper Authentication
github.com/projectcapsule/capsule-proxy and github.com/clastix/capsule-proxy are vulnerable to Improper Authentication. The vulnerability is caused by a missing check of whether the user is authenticated based on the TokenReview result in capsule-proxy, from the capsule operator project. An attacker can bypass the...
Privilege escalation
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability caused by a missing check of whether the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...
CVE-2022-23652 Privilege escalation using hop-by-hop Connection header
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...