CVE-2022-23652
HIGHClastix Capsule-proxy < 0.2.1 - Authentication Bypass
Title source: ruleDescription
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API Server. This vulnerability allows for an exploit of the `cluster-admin` Role bound to `capsule-proxy`. There are no known workarounds for this issue.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_confirm
https://github.com/clastix/capsule-proxy/security/advisories/GHSA-9cwv-cppx-mqjm
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/clastix/capsule-proxy/issues/188
Patch, Third Party Advisory x_refsource_misc
https://github.com/clastix/capsule-proxy/commit/efe91f68ebf8a9e3d21491dc57da7b8a746415d8
Scores
CVSS v3
8.8
EPSS
0.0039
EPSS Percentile
59.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-287
Status
published
Products (2)
clastix/capsule-proxy
< 0.2.1
clastix/capsule-proxy
0 - 0.2.1Go
Published
Feb 22, 2022
Tracked Since
Feb 18, 2026