Manage PersistentVolumes (cluster-wide storage manipulation)
Tampering
Critical
Overview
| Field | Value |
|---|---|
| ID | 1017 |
| Name | Manage PersistentVolumes (cluster-wide storage manipulation) |
| Risk Category | Tampering |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | persistentvolumes |
| Verbs | create, update, patch, delete, deletecollection |
| Tags | DataExposure DataLoss DenialOfService StorageManipulation Tampering |
Description
Permits creating, updating, patching, or deleting PersistentVolumes across the cluster. This allows manipulation of cluster-wide storage, potentially leading to data exposure by accessing sensitive data, data loss by deleting volumes, tampering with stored information, or denial of service.