Create SelfSubjectRulesReviews (Discover Own Permissions)

Overview

Field	Value
ID	1086
Name	Create SelfSubjectRulesReviews (Discover Own Permissions)
Risk Category	Information Disclosure
Risk Level	Low
Role Type	Role
API Groups	authorization.k8s.io
Resources	selfsubjectrulesreviews
Verbs	create
Tags	InformationDisclosure RBACQuery Reconnaissance SelfPermissionReviewQuery

Description

Allows creating SelfSubjectRulesReview resources. This enables a user or service account to query the API server for their own permissions within a namespace, which can be used to confirm successful exploitation or to discover their own capabilities for further actions.