Manage configmaps
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | omission |
Description
Roles or ClusterRoles are configured with write permissions (such as create, update, patch, or delete) on Kubernetes configmaps, which can expose or allow modification of sensitive configuration data.
Impact
If exploited, attackers could alter or delete configmaps, potentially injecting malicious configurations, disrupting application behavior, or escalating privileges within the cluster, leading to service outages or compromise of sensitive information.
Resolution
Remove write permission verbs for resource ‘configmaps’
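To find the rules that need this change, the check can be run over exported RBAC objects. The following is an added example, not code from the rule's own implementation: the function name, the sample role names and the inclusion of `deletecollection` and `*` as write verbs are assumptions, and it goes beyond the single-resource case by also flagging wildcard grants that cover configmaps.

```python
import json

# Write verbs named on the page, plus "deletecollection" and the "*" wildcard
# (assumption: these are treated as write access too).
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection", "*"}

def configmap_write_findings(manifest):
    """Return (kind, namespace, name, verbs) for each Role/ClusterRole rule
    that grants a write verb on core-group configmaps."""
    items = manifest.get("items", [manifest])  # accept a List or a single object
    findings = []
    for obj in items:
        if obj.get("kind") not in ("Role", "ClusterRole"):
            continue
        meta = obj.get("metadata", {})
        for rule in obj.get("rules") or []:  # aggregated ClusterRoles may have null rules
            groups = set(rule.get("apiGroups") or [])
            resources = set(rule.get("resources") or [])
            verbs = set(rule.get("verbs") or [])
            # configmaps live in the core API group, written as "".
            if not groups & {"", "*"}:
                continue
            if not resources & {"configmaps", "*"}:
                continue
            granted = sorted(verbs & WRITE_VERBS)
            if granted:
                findings.append((obj["kind"], meta.get("namespace", ""),
                                 meta.get("name", ""), granted))
    return findings

# Constructed sample, shaped like `kubectl get roles,clusterroles -A -o json`.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "Role", "metadata": {"name": "app-config-editor", "namespace": "demo"},
  "rules": [{"apiGroups": [""], "resources": ["configmaps"],
             "verbs": ["get", "list", "patch"]}]},
 {"kind": "Role", "metadata": {"name": "app-config-reader", "namespace": "demo"},
  "rules": [{"apiGroups": [""], "resources": ["configmaps"],
             "verbs": ["get", "list", "watch"]}]},
 {"kind": "ClusterRole", "metadata": {"name": "wildcard-admin"},
  "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
 {"kind": "ClusterRole", "metadata": {"name": "deploy-editor"},
  "rules": [{"apiGroups": ["apps"], "resources": ["deployments"],
             "verbs": ["update"]}]}
]}
""")

if __name__ == "__main__":
    for finding in configmap_write_findings(SAMPLE):
        print(finding)
```

Each finding names the role and the exact verbs to remove; a role that keeps only `get`, `list` and `watch` on configmaps passes.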