# Read ConfigMaps in a namespace

Information Disclosure · Medium

## Overview

| Field | Value |
|---|---|
| ID | 1023 |
| Name | Read ConfigMaps in a namespace |
| Risk Category | Information Disclosure |
| Risk Level | Medium |
| Role Type | Role |
| API Groups | core |
| Resources | configmaps |
| Risky Verb Combinations | [get, list, watch] · [list, watch] |
| Tags | ConfigMapAccess, DataExposure, InformationDisclosure |

## Description

Permits reading ConfigMaps within a specific namespace. This can lead to information disclosure if ConfigMaps store sensitive configuration details, connection strings, or other exploitable data for applications within that namespace.

## Abuse Scenarios

- List all ConfigMaps in a specific namespace.

  ```bash
  kubectl get configmaps -n <namespace>
  # Example: kubectl get configmaps -n default
  ```

- Retrieve a specific ConfigMap's data within the namespace.

  ```bash
  kubectl get configmap <configmap-name> -n <namespace> -o yaml
  # Example: kubectl get configmap my-app-settings -n production -o yaml
  ```
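The verb combinations in the Overview table can be checked mechanically against a Role manifest before it is applied. The script below is an added example, not part of this entry or of any tool that ships it; it assumes a rule trips the check when its verbs cover one of the listed combinations (or the `*` wildcard) on `configmaps` in the core API group, and it runs against a constructed sample Role embedded inline.

```python
import json

# Rule metadata taken from the entry above.
RULE_ID = 1023
RULE_NAME = "Read ConfigMaps in a namespace"
RISKY_VERB_SETS = [{"get", "list", "watch"}, {"list", "watch"}]

# Constructed sample Role (the JSON shape `kubectl get role -o json` returns).
SAMPLE_ROLE = json.loads("""
{
  "apiVersion": "rbac.authorization.k8s.io/v1",
  "kind": "Role",
  "metadata": {"name": "app-reader", "namespace": "production"},
  "rules": [
    {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]},
    {"apiGroups": [""], "resources": ["configmaps"], "verbs": ["list", "watch"]},
    {"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"]}
  ]
}
""")

def rule_grants_configmap_read(rule):
    """True if one RBAC rule covers a risky verb combination on core/configmaps."""
    groups = set(rule.get("apiGroups", []))
    resources = set(rule.get("resources", []))
    verbs = set(rule.get("verbs", []))
    # The core group is spelled "" in manifests; "*" matches every group/resource/verb.
    if not groups & {"", "core", "*"}:
        return False
    if not resources & {"configmaps", "*"}:
        return False
    if "*" in verbs:
        return True
    # Assumption: a rule trips the check when its verbs are a superset of a listed combination.
    return any(combo <= verbs for combo in RISKY_VERB_SETS)

def find_risky_configmap_rules(role):
    """Return one finding per rule of a Role/ClusterRole that trips rule 1023."""
    meta = role.get("metadata", {})
    findings = []
    for index, rule in enumerate(role.get("rules", [])):
        if rule_grants_configmap_read(rule):
            findings.append({"rule_id": RULE_ID, "rule_name": RULE_NAME, "role": meta.get("name"),
                             "namespace": meta.get("namespace", "<cluster-wide>"),
                             "rule_index": index, "verbs": sorted(rule.get("verbs", []))})
    return findings

if __name__ == "__main__":
    print(json.dumps(find_risky_configmap_rules(SAMPLE_ROLE), indent=2))
```

Only the second rule of the sample Role is reported: `get` alone is not one of the listed combinations, and the `pods` rule is out of scope.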