Tags

InformationDisclosure [103] DataExposure [91] ConfigMapAccess [82] Tampering [88] PotentialPrivilegeEscalation [87] SecretAccess [80] CredentialAccess [81] Reconnaissance [86] ClusterWideSecretAccess [69] DenialOfService [73] ClusterStructure [64] Persistence [70] PrivilegeEscalation [70] WorkloadLifecycle [53] RBACQuery [54] ControlPlaneDisruption [48] WildcardPermission [44] LateralMovement [59] ResourceConfiguration [32] QuotaTampering [31] WebhookReconnaissance [34] CriticalNamespace [45] NetworkManipulation [48] ServiceExposure [46] WorkloadExecution [43] ClusterWideAccess [40] OperationalData [40] NodeAccess [52] IdentityManagement [34] ClusterAdminAccess [43] ResourceNameRestricted [46] BindingToPrivilegedRole [28] RBACManipulation [28] TrafficRedirection [19] CodeExecution [40] AvailabilityImpact [21] ManInTheMiddle [16] PodExec [23] LogAccess [30] ElevationOfPrivilege [35] Spoofing [14] Impersonation [13] ClusterWidePodExec [17] ResourceDeletion [19] LeaderElectionAbuse [19] NamespaceLifecycle [17] ClusterWideLogAccess [21] NetworkPolicyManagement [12] WebhookManipulation [13] CRDManipulation [15] StorageDetailsDisclosure [16] PodPortForward [11] APIServiceManipulation [5] PodAttach [10] ResourceModification [9] DataLoss [11] StorageManipulation [9] ClusterWidePodPortForward [7] ControllerRevisionTampering [7] SelfPermissionReviewQuery [7] TokenCreation [7] NamespaceAdmin [10] ClusterWidePodAttach [6] CertificateManagement [6] NodeManipulation [7] SchedulingAbuse [7] CSRCreation [6] CSRApproval [5] APIServerDoS [4] BackupAccess [4] DeprecatedFeature [11] PodSecurityPolicy [11] WorkloadDeployment [4] NamespaceWideAccess [8] AuthorizationBypass [21]