CVE-2022-46167

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-46167
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46167.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-46167
Aliases
Published
2022-12-02T19:15:11Z
Modified
2024-08-21T16:28:50.585029Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operator and removing all the enforcement like Pod Security annotations, Network Policies, Limit Range and Resource Quota items. An attacker could detach the Namespace from a Tenant that is forbidding starting privileged Pods using the Pod Security labels by removing the OwnerReference, removing the enforcement labels, and being able to start privileged containers that would be able to start a generic Kubernetes privilege escalation. Patches have been released for version 0.1.3. No known workarounds are available.

References

Affected packages

Git / github.com/clastix/capsule

Affected ranges

Type
GIT
Repo
https://github.com/clastix/capsule
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/projectcapsule/capsule
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

0.*

0.0.1
0.2.0-rc1

helm-v0.*

helm-v0.1.0
helm-v0.1.1
helm-v0.1.10
helm-v0.1.11
helm-v0.1.2
helm-v0.1.3
helm-v0.1.4
helm-v0.1.6
helm-v0.1.7
helm-v0.1.8

v0.*

v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.5-rc1
v0.0.5-rc2
v0.1.0
v0.1.0-rc1
v0.1.0-rc2
v0.1.0-rc3
v0.1.0-rc4
v0.1.0-rc5
v0.1.0-rc6
v0.1.1
v0.1.1-rc0
v0.1.1-rc1
v0.1.2
v0.1.2-rc0
v0.1.2-rc1