Manage all resources at the namespace
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
Granting full control over all resources in a Kubernetes namespace (using a wildcard ‘*’) creates overly broad permissions. This can allow unintended actions across all resource types, violating the principle of least privilege.
Impact#
If exploited, an attacker or compromised user could manipulate, delete, or expose any resource within the namespace, leading to data loss, service disruption, or privilege escalation across the cluster.