C-0036 - Validate admission controller (validating)
Framework
AllControls, MITRE, ClusterScan
Severity
Low
Description of the the issue
Attackers can use validating webhooks to intercept and discover all the resources in the cluster. This control lists all the validating webhook configurations that must be verified.
Related resources
ValidatingWebhookConfiguration
What does this control test
Attackers can use validating webhooks to intercept and discover all the resources in the cluster. This control lists all the validating webhook configurations that must be verified.
Remediation
Ensure all the webhooks are necessary. Use exception mechanism to prevent repititive notifications.
Example
No example
Updated about 2 months ago