CVE-2022-23652

Name of the Vulnerable Software and Affected Versions capsule-proxy versions prior to 0.2.1

Description The issue is related to the capsule-proxy, a reverse proxy for Capsule Operator that provides multi-tenancy in Kubernetes. An attacker with proper authentication may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server, potentially exploiting the cluster-admin Role bound to capsule-proxy. There are no known workarounds for this issue.

Recommendations For versions prior to 0.2.1, upgrade to version 0.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the capsule-proxy to minimize the risk of exploitation. Avoid using malicious Connection headers in the affected API endpoint until the issue is resolved.