Update/Patch pods cluster-wide
Elevation of Privilege
Critical
Overview
| Field | Value |
|---|---|
| ID | 1008 |
| Name | Update/Patch pods cluster-wide |
| Risk Category | Elevation of Privilege |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | pods |
| Verbs | update, patch |
| Tags | PrivilegeEscalation Tampering WorkloadExecution |
Description
Permits modifying existing pods in any namespace across the cluster. This is critical as an attacker can alter a pod’s specification to grant it elevated privileges (e.g., change image, add privileged security context, mount sensitive host paths), leading to code execution, privilege escalation, and tampering with running workloads.