List MutatingWebhookConfigurations (Reconnaissance)
Information Disclosure
Medium
Overview
| Field | Value |
|---|---|
| ID | 1084 |
| Name | List MutatingWebhookConfigurations (Reconnaissance) |
| Risk Category | Information Disclosure |
| Risk Level | Medium |
| Role Type | ClusterRole |
| API Groups | admissionregistration.k8s.io |
| Resources | mutatingwebhookconfigurations |
| Risky Verb Combinations | [list] · [watch] |
| Tags | InformationDisclosure Reconnaissance WebhookReconnaissance |
Description
Allows listing of MutatingWebhookConfigurations cluster-wide. This reveals information about how resources might be altered upon creation/update, aiding attackers in understanding automated modifications and potential vulnerabilities.
Abuse Scenarios
- List all MutatingWebhookConfigurations.
kubectl get mutatingwebhookconfigurations