CVE-2024-39690

Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584	Patch
https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:projectcapsule:capsule:*:*:*:*:*:*:*:*

History

21 Aug 2024, 16:01

Type	Values Removed	Values Added
CPE		cpe:2.3:a:projectcapsule:capsule::::::::
First Time		Projectcapsule capsule Projectcapsule
Summary		(es) Capsule es un framework multiinquilino y basado en políticas para Kubernetes. En Capsule v0.7.0 y versiones anteriores, el inquilino-propietario puede parchear cualquier espacio de nombres arbitrario que no haya sido asumido por un inquilino (es decir, espacios de nombres sin el campo propietarioReferencia), obteniendo así el control de ese espacio de nombres.
CVSS	v2 : ~~unknown~~ v3 : ~~8.4~~	v2 : unknown v3 : 8.8
References	~~() https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584 -~~	() https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584 - Patch
References	~~() https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp -~~	() https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp - Exploit

20 Aug 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-20 15:15

Updated : 2024-08-21 16:01

NVD link : CVE-2024-39690

Mitre link : CVE-2024-39690

CVE.ORG link : CVE-2024-39690

JSON object : View

Products Affected

projectcapsule

capsule

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2024-39690", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.7}]}, "published": "2024-08-20T15:15:21.340", "references": [{"url": "https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp", "tags": ["Exploit"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace."}, {"lang": "es", "value": "Capsule es un framework multiinquilino y basado en pol\u00edticas para Kubernetes. En Capsule v0.7.0 y versiones anteriores, el inquilino-propietario puede parchear cualquier espacio de nombres arbitrario que no haya sido asumido por un inquilino (es decir, espacios de nombres sin el campo propietarioReferencia), obteniendo as\u00ed el control de ese espacio de nombres."}], "lastModified": "2024-08-21T16:01:47.157", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:projectcapsule:capsule:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A192D305-E13C-436F-8AF2-0D3DC4CD03C1", "versionEndIncluding": "0.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}