C-0036 - Malicious admission controller (validating)

Malicious admission controller (validating)

Framework

MITRE, AllControls, YAML-scanning

Severity

Low

Description of the the issue

Attackers can use validating webhooks to intercept and discover all the resources in the cluster. This control lists all the validating webhook configurations that must be verified.

Related resources

ValidatingWebhookConfiguration

What does this control test

Attackers can use validating webhooks to intercept and discover all the resources in the cluster. This control lists all the validating webhook configurations that must be verified.

Remediation

Ensure all the webhooks are necessary. Use exception mechanism to prevent repititive notifications.

Example

No example