Namespaced pod port-forward
Information Disclosure
Medium
Overview
| Field | Value |
|---|---|
| ID | 1005 |
| Name | Namespaced pod port-forward |
| Risk Category | Information Disclosure |
| Risk Level | Medium |
| Role Type | Role |
| API Groups | core |
| Resources | pods/portforward |
| Risky Verb Combinations | [create] |
| Tags | LateralMovement NetworkManipulation PodPortForward |
Description
Permits forwarding local ports to ports on pods within a specific namespace. This can expose internal services within that namespace, enable lateral movement, and potentially lead to information disclosure from applications not intended for external access.
Abuse Scenarios
- Forward a local port to a port on a specific pod within the namespace.
kubectl port-forward <pod-name> -n <namespace> <local-port>:<pod-port>
# Example: Forward local port 3000 to port 3000 of a frontend pod
# kubectl port-forward my-frontend-pod -n default 3000:3000