Read RBAC configuration cluster-wide
Information Disclosure
Medium
Overview
| Field | Value |
|---|---|
| ID | 1077 |
| Name | Read RBAC configuration cluster-wide |
| Risk Category | Information Disclosure |
| Risk Level | Medium |
| Role Type | ClusterRole |
| API Groups | rbac.authorization.k8s.io |
| Resources | clusterroles, roles, clusterrolebindings, rolebindings |
| Verbs | get, list, watch |
| Tags | InformationDisclosure RBACQuery Reconnaissance |
Description
Allows listing and getting all ClusterRoles, Roles, ClusterRoleBindings, and RoleBindings. This provides full visibility into the cluster’s authorization model, aiding attackers in finding privilege escalation paths or understanding defenses.
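To audit for this permission set, the check below flags ClusterRoles whose rules, taken together, grant read access to all four RBAC resource types. It is an added example, not the catalogue's own matcher: the match criteria (get and list on every resource type, name-restricted rules ignored), the helper names and the sample roles are assumptions made for illustration.

```python
# Added example: match semantics are assumptions, not the catalogue's matcher.
RBAC_GROUP = "rbac.authorization.k8s.io"
RBAC_RESOURCES = {"clusterroles", "roles", "clusterrolebindings", "rolebindings"}
READ_VERBS = {"get", "list", "watch"}

def covered(granted, wanted):
    """Subset of `wanted` that `granted` covers, honouring the '*' wildcard."""
    granted = set(granted or [])
    return set(wanted) if "*" in granted else granted & wanted

def rbac_read_exposure(role):
    """Map each RBAC resource to the read verbs a ClusterRole grants on it."""
    exposure = {}
    if role.get("kind") != "ClusterRole":
        return exposure  # the entry's Role Type is ClusterRole
    for rule in role.get("rules") or []:
        if not covered(rule.get("apiGroups"), {RBAC_GROUP}):
            continue
        if rule.get("resourceNames"):
            continue  # assumption: name-restricted rules are not "all objects"
        verbs = covered(rule.get("verbs"), READ_VERBS)
        for res in covered(rule.get("resources"), RBAC_RESOURCES):
            # RBAC is additive, so grants from separate rules accumulate
            exposure.setdefault(res, set()).update(verbs)
    return {res: sorted(v) for res, v in exposure.items() if v}

def matches_entry(role):
    """Assumption: a match needs get and list on all four resource types."""
    exp = rbac_read_exposure(role)
    return all({"get", "list"} <= set(exp.get(r, ())) for r in RBAC_RESOURCES)

def mk_rule(groups, resources, verbs):
    return {"apiGroups": groups, "resources": resources, "verbs": verbs}

# Constructed sample roles, shaped like items from `kubectl get clusterroles -o json`
SAMPLE_ROLES = [
    {"kind": "ClusterRole", "metadata": {"name": "rbac-viewer"}, "rules": [
        mk_rule([RBAC_GROUP], sorted(RBAC_RESOURCES), ["get", "list", "watch"])]},
    {"kind": "ClusterRole", "metadata": {"name": "split-auditor"}, "rules": [
        mk_rule([RBAC_GROUP], ["clusterroles", "roles"], ["get", "list"]),
        mk_rule([RBAC_GROUP], ["clusterrolebindings", "rolebindings"], ["*"])]},
    {"kind": "ClusterRole", "metadata": {"name": "wildcard-reader"}, "rules": [
        mk_rule(["*"], ["*"], ["get", "list"])]},
    {"kind": "ClusterRole", "metadata": {"name": "bindings-only"}, "rules": [
        mk_rule([RBAC_GROUP], ["clusterrolebindings", "rolebindings"], ["get", "list"])]},
]

def scan(roles):
    return [r["metadata"]["name"] for r in roles if matches_entry(r)]
```

Roles that match only through wildcards or through several separate rules are the ones a literal comparison against the table above would miss, so both cases are included in the sample set.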