Node proxy access (Kubelet API)
Elevation of Privilege
Critical
Overview
| Field | Value |
|---|---|
| ID | 1014 |
| Name | Node proxy access (Kubelet API) |
| Risk Category | Elevation of Privilege |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | nodes/proxy |
| Verbs | get, create, update, patch, delete |
| Tags | ClusterAdminAccess CodeExecution DataExposure LateralMovement NodeAccess (+1 more) |
Description
Provides direct access to the Kubelet API on any node in the cluster. This is equivalent to cluster admin access, allowing an attacker to run commands on nodes, access pod logs, execute commands in containers, and retrieve sensitive information directly from the nodes, leading to full cluster compromise.