Description
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch.
References (2)
Core 2
Core References
Exploit x_refsource_confirm
https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp
Scores
CVSS v3
8.4
EPSS
0.0021
EPSS Percentile
42.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-863
Status
published
Products (2)
projectcapsule/capsule
< 0.7.0
projectcapsule/capsule
0 - 0.7.1Go
Published
Aug 20, 2024
Tracked Since
Feb 18, 2026