Tags

InformationDisclosure [113] DataExposure [101] ConfigMapAccess [92] Reconnaissance [96] CredentialAccess [93] SecretAccess [90] ClusterStructure [77] Tampering [92] PotentialPrivilegeEscalation [91] ClusterWideSecretAccess [78] LateralMovement [75] Persistence [75] PrivilegeEscalation [81] NodeAccess [68] CodeExecution [54] DenialOfService [81] ClusterAdminAccess [60] ElevationOfPrivilege [51] ResourceConfiguration [40] QuotaTampering [39] WildcardPermission [63] AuthorizationBypass [44] WorkloadLifecycle [59] NetworkManipulation [59] WebhookReconnaissance [46] RBACQuery [63] ResourceNameRestricted [63] ServiceExposure [56] OperationalData [52] WorkloadExecution [53] ClusterWideAccess [57] ControlPlaneDisruption [55] LogAccess [36] TrafficRedirection [30] PodExec [27] IdentityManagement [38] CriticalNamespace [49] ManInTheMiddle [23] BindingToPrivilegedRole [34] RBACManipulation [34] PodPortForward [14] AvailabilityImpact [26] DeprecatedFeature [25] PodSecurityPolicy [25] PodAttach [11] ClusterWideLogAccess [25] ClusterWidePodExec [21] StorageDetailsDisclosure [23] Spoofing [22] ResourceDeletion [25] LeaderElectionAbuse [20] NamespaceLifecycle [22] NetworkPolicyManagement [16] Impersonation [18] NamespaceAdmin [19] WebhookManipulation [17] CRDManipulation [21] ClusterWidePodPortForward [10] DataLoss [12] ResourceModification [11] CertificateManagement [9] SelfPermissionReviewQuery [9] CSRCreation [10] ControllerRevisionTampering [8] TokenCreation [8] APIServiceManipulation [7] StorageManipulation [11] ClusterWidePodAttach [7] NodeManipulation [8] SchedulingAbuse [8] CSRApproval [7] APIServerDoS [5] BackupAccess [5] NamespaceWideAccess [15] WorkloadDeployment [6]