Read CSINode Objects (Node & Storage Reconnaissance)
Information Disclosure
Medium
Overview
| Field | Value |
|---|---|
| ID | 1100 |
| Name | Read CSINode Objects (Node & Storage Reconnaissance) |
| Risk Category | Information Disclosure |
| Risk Level | Medium |
| Role Type | ClusterRole |
| API Groups | storage.k8s.io |
| Resources | csinodes |
| Verbs | get, list, watch |
| Tags | InformationDisclosure NodeAccess Reconnaissance StorageDetailsDisclosure |
Description
Allows reading CSINode objects cluster-wide. These objects contain information about CSI drivers running on nodes, including driver names, node IDs, and sometimes topology keys. This can reveal details about the storage architecture and potentially vulnerable CSI driver versions or configurations.