Manage secrets
| Property | |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | omission |
Description
Cluster-wide permissions allowing management of Kubernetes secrets grant users access to sensitive information, such as service account tokens, which are often tied to high-privilege roles. This effectively provides cluster-admin level access to anyone with these permissions.
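One way to audit for the grant described above, as an added example that is not part of the original page: it takes RBAC objects already parsed from JSON and reports every subject that reaches Secrets through a ClusterRoleBinding. All role, binding and subject names are constructed sample data; as a simplifying assumption, rules narrowed with `resourceNames` and aggregated ClusterRoles are not evaluated.

```python
# Added example: list subjects that hold cluster-wide access to Secrets via RBAC.
SECRET_VERBS = {"get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"}

def secret_verbs(rule):
    """Verbs one RBAC rule grants on core-group Secrets, with wildcards expanded."""
    if not {"", "*"} & set(rule.get("apiGroups", [])):
        return set()
    if not {"secrets", "*"} & set(rule.get("resources", [])):
        return set()
    if rule.get("resourceNames"):  # assumption: grants limited to named secrets are out of scope
        return set()
    verbs = set(rule.get("verbs", []))
    return set(SECRET_VERBS) if "*" in verbs else verbs & SECRET_VERBS

def cluster_wide_secret_grants(objects):
    """Return (subject, clusterrole, sorted verbs) for each ClusterRoleBinding that reaches Secrets."""
    roles = {o["metadata"]["name"]: o for o in objects if o["kind"] == "ClusterRole"}
    findings = []
    for binding in objects:
        # A RoleBinding that references a ClusterRole only applies inside its own namespace.
        if binding["kind"] != "ClusterRoleBinding":
            continue
        role = roles.get(binding["roleRef"]["name"], {})
        verbs = set().union(*(secret_verbs(r) for r in role.get("rules") or []))
        if not verbs:
            continue
        for subject in binding.get("subjects") or []:
            findings.append((f'{subject["kind"]}:{subject["name"]}', binding["roleRef"]["name"], sorted(verbs)))
    return findings

SAMPLE = [  # constructed manifests, shaped like `kubectl get ... -o json` items
    {"kind": "ClusterRole", "metadata": {"name": "secret-manager"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list", "create"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "read-everything"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["get"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "cm-reader"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list"]}]},
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "secret-manager"},
     "subjects": [{"kind": "ServiceAccount", "name": "ci-bot", "namespace": "build"}]},
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "read-everything"},
     "subjects": [{"kind": "Group", "name": "auditors"}]},
    {"kind": "RoleBinding", "roleRef": {"kind": "ClusterRole", "name": "secret-manager"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "cm-reader"},
     "subjects": [{"kind": "Group", "name": "devs"}]},
]

if __name__ == "__main__":
    for finding in cluster_wide_secret_grants(SAMPLE):
        print(finding)
```

The wildcard ClusterRole is reported even though it never names `secrets`, while the same `secret-manager` role bound through a RoleBinding is not, because that grant stops at the namespace boundary.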
Impact
If exploited, attackers can retrieve service account tokens and other secrets, enabling them to impersonate privileged users, escalate privileges, access confidential data, or take full control of the cluster, potentially resulting in data breaches or service disruption.