Manage ValidatingWebhookConfigurations
Tampering
Critical
Overview
| Field | Value |
|---|---|
| ID | 1044 |
| Name | Manage ValidatingWebhookConfigurations |
| Risk Category | Tampering |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | admissionregistration.k8s.io |
| Resources | validatingwebhookconfigurations |
| Verbs | create, update, patch, delete |
| Tags | DenialOfService Tampering WebhookManipulation |
Description
Allows control over ValidatingWebhookConfigurations, which can validate or reject API objects during admission. An attacker can use this to tamper with security policies (e.g., disable a validating webhook that enforces security best practices) or cause denial of service by rejecting legitimate requests.