Manage MutatingWebhookConfigurations
Tampering
Critical
Overview
| Field | Value |
|---|---|
| ID | 1043 |
| Name | Manage MutatingWebhookConfigurations |
| Risk Category | Tampering |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | admissionregistration.k8s.io |
| Resources | mutatingwebhookconfigurations |
| Verbs | create, update, patch, delete |
| Tags | DenialOfService PrivilegeEscalation Tampering WebhookManipulation |
Description
Grants control over MutatingWebhookConfigurations, which can modify API objects during admission. This is extremely critical as an attacker can create or alter webhooks to inject malicious configurations, escalate privileges, bypass security policies, or cause denial of service.