2 matches found
CVE-2024-39690
Summary: CVE-2024-39690 affects Capsule (Kubernetes multi-tenant framework) and describes an authorization bypass where a tenant-owner with the ability to patch a namespace can hijack system namespaces (kube-system, default, capsule-system) if the namespace has not been taken over by a tenant. In...
CVE-2024-39690 Capsule tenant owner with "patch namespace" permission can hijack system namespaces
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant i.e., namespaces without the ownerReference field, thereby gaining control of that namespace. Version...