Read ConfigMaps cluster-wide
Information Disclosure
High
Overview
| Field | Value |
|---|---|
| ID | 1022 |
| Name | Read ConfigMaps cluster-wide |
| Risk Category | Information Disclosure |
| Risk Level | High |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | configmaps |
| Risky Verb Combinations | [get, list, watch] · [list, watch] |
| Tags | ConfigMapAccess DataExposure InformationDisclosure |
Description
Grants access to read all ConfigMaps across all namespaces. ConfigMaps can store non-sensitive configuration data but may sometimes inadvertently contain sensitive information, API endpoints, or settings that could be exploited, leading to information disclosure.
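The fields in the table above (ClusterRole, core API group, `configmaps`, the risky verb combinations) can be checked mechanically during an RBAC audit. The following is an added example, not part of the original rule entry. The matching semantics, the handling of `resourceNames`, and all object names in the sample are assumptions.

```python
# Added example: flags ClusterRoles matching this rule and lists who is bound to them.
RISKY_VERB_COMBOS = [{"get", "list", "watch"}, {"list", "watch"}]  # from the table above

def rule_is_risky(rule):
    """True if one RBAC rule grants a risky verb combination on all ConfigMaps."""
    groups = set(rule.get("apiGroups") or [])
    resources = set(rule.get("resources") or [])
    verbs = set(rule.get("verbs") or [])
    if not groups & {"", "*"}:  # the core API group is the empty string in RBAC
        return False
    if not resources & {"configmaps", "*"}:
        return False
    if rule.get("resourceNames"):  # assumption: name-scoped rules are not "all ConfigMaps"
        return False
    # Assumption: a rule matches when it covers every verb of at least one combination.
    return "*" in verbs or any(combo <= verbs for combo in RISKY_VERB_COMBOS)

def find_cluster_wide_readers(objects):
    """Map each risky ClusterRole name to the subjects bound via ClusterRoleBindings."""
    readers = {o["metadata"]["name"]: [] for o in objects
               if o.get("kind") == "ClusterRole"
               and any(rule_is_risky(r) for r in o.get("rules") or [])}
    for o in objects:
        ref = o.get("roleRef") or {}
        if o.get("kind") != "ClusterRoleBinding" or ref.get("name") not in readers:
            continue
        for s in o.get("subjects") or []:
            prefix = s["namespace"] + "/" if s.get("namespace") else ""
            readers[ref["name"]].append(f'{s["kind"]}:{prefix}{s["name"]}')
    return readers

# Constructed sample objects (hypothetical names), shaped like items from the RBAC API.
SAMPLE = [
    {"kind": "ClusterRole", "metadata": {"name": "cm-reader"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list", "watch"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "cm-get-only"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "one-cm"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "resourceNames": ["app-config"], "verbs": ["get", "list", "watch"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "wildcard-core"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["list", "watch"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "metrics-cm"},
     "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cm-reader"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "monitoring", "name": "metrics-agent"}]},
]

if __name__ == "__main__":
    for role, subjects in sorted(find_cluster_wide_readers(SAMPLE).items()):
        print(role, "->", subjects or "no ClusterRoleBinding")
```

To audit a live cluster, pass the `items` array from `kubectl get clusterroles,clusterrolebindings -o json` instead of `SAMPLE`. A ClusterRole referenced only by namespaced RoleBindings grants read access in those namespaces only, so such bindings are not reported here.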
Abuse Scenarios
- List all ConfigMaps across all namespaces.

  ```bash
  kubectl get configmaps --all-namespaces
  ```

- Retrieve a specific ConfigMap’s data.

  ```bash
  kubectl get configmap <configmap-name> -n <namespace> -o yaml
  # Example: kubectl get configmap kube-proxy -n kube-system -o yaml
  ```