TF 0010 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Manage all resources at the namespace

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | critical |
| Vulnerability Type | omission |

Description

Granting full control over all resources in a Kubernetes namespace (using a wildcard '*') creates overly broad permissions. This can allow unintended actions across all resource types, violating the principle of least privilege.

Impact

If exploited, an attacker or compromised user could manipulate, delete, or expose any resource within the namespace, leading to data loss, service disruption, or privilege escalation across the cluster.
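The wildcard grant described above, next to a scoped alternative. This is an added example, not taken from the rule database; it assumes the Terraform Kubernetes provider's `kubernetes_role` resource, and the role names, the `payments` namespace and the list of permitted resources are constructed for illustration.

```terraform
# Constructed example: names, namespace and the allowed resource list are assumptions.

# Non-compliant: resources = ["*"] grants control over every resource type
# in the namespace, including secrets, roles and rolebindings.
resource "kubernetes_role" "namespace_admin" {
  metadata {
    name      = "namespace-admin"
    namespace = "payments"
  }

  rule {
    api_groups = ["*"]
    resources  = ["*"]
    verbs      = ["*"]
  }
}

# Compliant: each rule names the API group, resources and verbs
# that the workload actually needs.
resource "kubernetes_role" "deployer" {
  metadata {
    name      = "deployer"
    namespace = "payments"
  }

  rule {
    api_groups = ["apps"]
    resources  = ["deployments"]
    verbs      = ["get", "list", "watch", "update", "patch"]
  }

  rule {
    api_groups = [""]
    resources  = ["configmaps"]
    verbs      = ["get", "list", "watch"]
  }
}
```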