Описание
Improper Authentication in Capsule Proxy
Impact
Using a malicious Connection header, an attacker with a proper authentication mechanism could start a privilege escalation towards the Kubernetes API Server, being able to exploit the cluster-admin Role bound to capsule-proxy.
Patches
Patch has been merged in the v0.2.1 release.
Workarounds
Upgrading is mandatory.
Ссылки
- https://github.com/clastix/capsule-proxy/security/advisories/GHSA-9cwv-cppx-mqjm
- https://nvd.nist.gov/vuln/detail/CVE-2022-23652
- https://github.com/clastix/capsule-proxy/issues/188
- https://github.com/clastix/capsule-proxy/commit/efe91f68ebf8a9e3d21491dc57da7b8a746415d8
- https://github.com/clastix/capsule-proxy
Пакеты
github.com/clastix/capsule-proxy
< 0.2.1
0.2.1
Связанные уязвимости
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API Server. This vulnerability allows for an exploit of the `cluster-admin` Role bound to `capsule-proxy`. There are no known workarounds for this issue.
Уязвимость модуля прокси capsule-proxy программного средства Capsule для обеспечения мультитенантности в Kubernetes, позволяющая нарушителю повысить свои привилегии