ConfigMap with sensitive content
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
Sensitive information such as usernames and email addresses is being stored in Kubernetes ConfigMaps, which are not designed for secure data storage. ConfigMaps store data in plaintext and are accessible to any pod with read permissions.
Impact#
If exploited, attackers or unauthorized users with access to the cluster can read sensitive data from ConfigMaps, leading to credential exposure, privacy breaches, or facilitating further attacks against the environment.
Resolution#
Remove sensitive content from configMap data value