Unknown · Capsule-Proxy · CVE-2023-46254
**Name of the Vulnerable Software and Affected Versions**
capsule-proxy versions prior to 0.4.5
**Description**
A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. This introduces an exfiltration vulnerability, allowing the listing of Namespace resources of other Tenants under specific conditions:
1. `capsule-proxy` runs with `--disable-caching=false`, and
2. Tenant owners are ServiceAccounts with the same resource name but in different Namespaces.
This issue does not allow any privilege escalation on the Namespace-scoped resources of the other tenant, because Kubernetes RBAC still enforces access to them.
**Recommendations**
For versions prior to 0.4.5, upgrade to version 0.4.5 to address the issue.
As a temporary workaround, consider setting `--disable-caching=true` to mitigate the risk of exploitation.
Restrict access to `capsule-proxy` to minimize the risk of exploitation.
Avoid using the same ServiceAccount name for different tenants in different Namespaces until the issue is resolved.
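
To check whether a cluster meets the second condition above, the following added example (not part of the original advisory or the Capsule project) scans a Tenant list for ServiceAccount owners that share a name across different Namespaces. It assumes the input has the shape of `kubectl get tenants -o json` output and that ServiceAccount owners appear under `spec.owners` with names of the form `system:serviceaccount:<namespace>:<name>`. The tenant and Namespace names in the sample are constructed.

```python
import json
from collections import defaultdict

# Constructed sample, shaped like `kubectl get tenants -o json` output.
# Assumption: ServiceAccount owners are listed in spec.owners as
# system:serviceaccount:<namespace>:<name>.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "oil"},
   "spec": {"owners": [{"kind": "ServiceAccount", "name": "system:serviceaccount:team-a:deployer"}]}},
  {"metadata": {"name": "gas"},
   "spec": {"owners": [{"kind": "ServiceAccount", "name": "system:serviceaccount:team-b:deployer"}]}},
  {"metadata": {"name": "water"},
   "spec": {"owners": [{"kind": "User", "name": "deployer"},
                       {"kind": "ServiceAccount", "name": "system:serviceaccount:team-c:ci"}]}}
]}
""")

def parse_sa_owner(owner):
    """Return (namespace, name) for a ServiceAccount owner, else None."""
    if owner.get("kind") != "ServiceAccount":
        return None
    parts = owner.get("name", "").split(":")
    if len(parts) != 4 or parts[:2] != ["system", "serviceaccount"]:
        return None
    return parts[2], parts[3]

def find_colliding_owners(tenant_list):
    """Map SA name -> {namespace: [tenants]} for names used in more than one Namespace."""
    by_name = defaultdict(lambda: defaultdict(set))
    for tenant in tenant_list.get("items", []):
        for owner in tenant.get("spec", {}).get("owners") or []:
            parsed = parse_sa_owner(owner)
            if parsed:
                ns, name = parsed
                by_name[name][ns].add(tenant["metadata"]["name"])
    # Same ServiceAccount name in different Namespaces is the risky pattern.
    return {name: {ns: sorted(t) for ns, t in spaces.items()}
            for name, spaces in by_name.items() if len(spaces) > 1}

if __name__ == "__main__":
    for name, spaces in sorted(find_colliding_owners(SAMPLE).items()):
        print(f"ServiceAccount name '{name}' is a tenant owner in several Namespaces: {spaces}")
```

Any name this reports is a candidate for renaming until `capsule-proxy` is upgraded to 0.4.5.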