can-i gtfo?

Kubernetes RBAC Abuse Collection

View on GitHub

patch validatingwebhookconfigurations

Verb: patch

Resource: validatingwebhookconfigurations

Description: Patch admission webhook configurations that validate resource requests before they are persisted.

Abuses

Persistence

Patch validating webhook configurations to ensure persistent access by preventing changes

Information Disclosure

Patch validating webhook configurations to log information

# Patch webhook to log all secret operations

Denial of Service

Patch validating webhook configurations to disrupt cluster operations

# Patch webhook to reject all pod creations
← Back to overview