Manage FlowSchemas (API Server DoS/Manipulation)
Denial of Service
Critical
Overview
| Field | Value |
|---|---|
| ID | 1098 |
| Name | Manage FlowSchemas (API Server DoS/Manipulation) |
| Risk Category | Denial of Service |
| Risk Level | Critical |
| Role Type | ClusterRole |
| API Groups | flowcontrol.apiserver.k8s.io |
| Resources | flowschemas |
| Verbs | create, update, patch, delete |
| Tags | APIServerDoS ControlPlaneDisruption DenialOfService Tampering |
Description
Allows managing FlowSchema objects cluster-wide. FlowSchemas are part of API Priority and Fairness, controlling how API requests are categorized and prioritized. Misconfiguration can lead to denial of service against the API server for critical components or allow certain requests to bypass throttling, potentially overwhelming the server.