Manage CustomResourceDefinitions
Tampering
Critical
Overview
| Field | Value |
|---|---|
| ID | 1045 |
| Name | Manage CustomResourceDefinitions |
| Risk Category | Tampering |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | apiextensions.k8s.io |
| Resources | customresourcedefinitions |
| Verbs | create, update, patch, delete |
| Tags | CRDManipulation PotentialPrivilegeEscalation Tampering |
Description
Permits creating, updating, or deleting CustomResourceDefinitions (CRDs). CRDs extend the Kubernetes API. Modifying CRDs can lead to tampering with custom controllers, potentially causing unexpected behavior, privilege escalation if controllers manage sensitive resources, or denial of service.