Tags

InformationDisclosure [90] DataExposure [82] ConfigMapAccess [74] Tampering [79] PotentialPrivilegeEscalation [78] CredentialAccess [74] SecretAccess [72] Reconnaissance [74] ClusterWideSecretAccess [62] DenialOfService [66] Persistence [63] ClusterStructure [55] PrivilegeEscalation [63] RBACQuery [51] WorkloadLifecycle [50] NetworkManipulation [44] LateralMovement [42] ControlPlaneDisruption [43] ServiceExposure [42] WorkloadExecution [41] CriticalNamespace [41] WildcardPermission [38] OperationalData [36] ResourceConfiguration [29] QuotaTampering [28] WebhookReconnaissance [27] IdentityManagement [33] ClusterWideAccess [35] NodeAccess [34] ResourceNameRestricted [38] BindingToPrivilegedRole [27] RBACManipulation [27] CodeExecution [20] PodExec [20] LogAccess [26] ClusterAdminAccess [25] TrafficRedirection [16] AvailabilityImpact [20] ManInTheMiddle [15] ClusterWidePodExec [16] ElevationOfPrivilege [16] ClusterWideLogAccess [20] Spoofing [13] ResourceDeletion [17] Impersonation [12] NamespaceLifecycle [15] LeaderElectionAbuse [17] StorageDetailsDisclosure [15] CRDManipulation [13] PodPortForward [9] WebhookManipulation [13] PodAttach [8] NetworkPolicyManagement [10] NamespaceAdmin [7] DataLoss [10] ResourceModification [8] StorageManipulation [9] ClusterWidePodPortForward [7] CertificateManagement [6] NamespaceWideAccess [5] ControllerRevisionTampering [6] SelfPermissionReviewQuery [6] TokenCreation [6] ClusterWidePodAttach [6] APIServiceManipulation [5] NodeManipulation [6] SchedulingAbuse [6] CSRCreation [6] DeprecatedFeature [6] PodSecurityPolicy [6] CSRApproval [5] APIServerDoS [4] BackupAccess [4] WorkloadDeployment [3]