Tags

InformationDisclosure [90] DataExposure [82] ConfigMapAccess [74] Tampering [80] PotentialPrivilegeEscalation [79] CredentialAccess [74] SecretAccess [72] Reconnaissance [74] ClusterWideSecretAccess [62] DenialOfService [66] ClusterStructure [55] Persistence [63] PrivilegeEscalation [63] WorkloadLifecycle [50] RBACQuery [51] ControlPlaneDisruption [44] WildcardPermission [38] ResourceConfiguration [29] QuotaTampering [28] NetworkManipulation [44] LateralMovement [42] ServiceExposure [42] WebhookReconnaissance [29] CriticalNamespace [42] WorkloadExecution [41] OperationalData [36] ClusterWideAccess [35] IdentityManagement [33] NodeAccess [34] BindingToPrivilegedRole [27] RBACManipulation [27] ResourceNameRestricted [38] ClusterAdminAccess [25] TrafficRedirection [16] AvailabilityImpact [20] ManInTheMiddle [15] LogAccess [26] CodeExecution [20] PodExec [20] Spoofing [13] Impersonation [12] ClusterWidePodExec [16] ElevationOfPrivilege [16] ResourceDeletion [17] ClusterWideLogAccess [20] NamespaceLifecycle [15] LeaderElectionAbuse [17] NetworkPolicyManagement [11] StorageDetailsDisclosure [15] WebhookManipulation [13] CRDManipulation [14] PodPortForward [9] PodAttach [8] ResourceModification [8] DataLoss [10] StorageManipulation [9] APIServiceManipulation [5] NamespaceAdmin [8] ClusterWidePodPortForward [7] ControllerRevisionTampering [6] SelfPermissionReviewQuery [6] TokenCreation [6] ClusterWidePodAttach [6] CertificateManagement [6] NodeManipulation [6] SchedulingAbuse [6] CSRCreation [6] CSRApproval [5] APIServerDoS [4] BackupAccess [4] DeprecatedFeature [6] PodSecurityPolicy [6] NamespaceWideAccess [6] WorkloadDeployment [3]