Manage Services cluster-wide
NetworkManipulation
Critical
Overview
| Field | Value |
|---|---|
| ID | 1075 |
| Name | Manage Services cluster-wide |
| Risk Category | NetworkManipulation |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | services |
| Verbs | create, update, patch, delete |
| Tags | DenialOfService NetworkManipulation ServiceExposure Tampering |
Description
Allows creating, updating, or deleting Services in any namespace. This can be abused to expose internal applications, modify service types (e.g., ClusterIP to LoadBalancer), redirect traffic (by changing selectors), or cause denial of service.