Tags

InformationDisclosure [52] Reconnaissance [43] DataExposure [41] ConfigMapAccess [36] CredentialAccess [32] PotentialPrivilegeEscalation [33] Tampering [33] ClusterStructure [34] SecretAccess [31] Persistence [24] PrivilegeEscalation [23] ClusterWideSecretAccess [23] DenialOfService [25] WildcardPermission [18] RBACQuery [21] WebhookReconnaissance [18] WorkloadLifecycle [16] WorkloadExecution [18] ClusterWideAccess [17] LateralMovement [17] LogAccess [14] NetworkManipulation [15] ServiceExposure [14] ControlPlaneDisruption [14] NodeAccess [14] OperationalData [15] CodeExecution [10] PodExec [10] ResourceConfiguration [11] CriticalNamespace [11] IdentityManagement [10] QuotaTampering [9] StorageDetailsDisclosure [9] ClusterWideLogAccess [9] TrafficRedirection [7] AvailabilityImpact [7] BindingToPrivilegedRole [7] RBACManipulation [7] DataLoss [5] LeaderElectionAbuse [7] Spoofing [5] ClusterWidePodExec [6] ElevationOfPrivilege [6] NamespaceAdmin [3] PodAttach [3] PodPortForward [3] ResourceDeletion [6] ResourceModification [4] Impersonation [3] NamespaceLifecycle [5] ClusterAdminAccess [5] ControllerRevisionTampering [2] CRDManipulation [5] ManInTheMiddle [5] NetworkPolicyManagement [2] SelfPermissionReviewQuery [2] TokenCreation [2] WorkloadDeployment [2] DeprecatedFeature [4] PodSecurityPolicy [4] WebhookManipulation [4] CertificateManagement [2] CSRCreation [3] StorageManipulation [3] NodeManipulation [2] SchedulingAbuse [2] APIServerDoS [1] APIServiceManipulation [1] BackupAccess [1] ClusterWidePodAttach [1] ClusterWidePodPortForward [1] CSRApproval [1] NamespaceWideAccess [2]