C-0039 - Malicious admission controller (mutating)

Malicious admission controller (mutating)

Framework

MITRE, YAML-scanning, AllControls

Severity

Critical

Description of the the issue

Attackers may use mutating webhooks to intercept and modify all the resources in the cluster. This control lists all mutating webhook configurations that must be verified.

Related resources

MutatingWebhookConfiguration

What does this control test

Attackers may use mutating webhooks to intercept and modify all the resources in the cluster. This control lists all mutating webhook configurations that must be verified.

Remediation

Ensure all the webhooks are necessary. Use exception mechanism to prevent repititive notifications.

Example

No example


Did this page help you?