C-0039 - Malicious admission controller (mutating)

Malicious admission controller (mutating)

Framework

MITRE, AllControls, YAML-scanning

Severity

Medium

Description of the issue

Attackers may use mutating webhooks to intercept and modify all the resources in the cluster. This control lists all mutating webhook configurations that must be verified.

Related resources

MutatingWebhookConfiguration

What does this control test

Attackers may use mutating webhooks to intercept and modify all the resources in the cluster. This control lists all mutating webhook configurations that must be verified.

Remediation

Ensure all the webhooks are necessary. Use the exception mechanism to prevent repetitive notifications.
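
To support the verification this control asks for, the following added example (not part of this control's own implementation) summarizes each mutating webhook's target and scope from the JSON returned by `kubectl get mutatingwebhookconfigurations -o json`. The sample data, the names in it, and the three review heuristics are assumptions constructed for illustration.

```python
import json

# Constructed sample in the shape of `kubectl get mutatingwebhookconfigurations -o json`.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "MutatingWebhookConfiguration", "metadata": {"name": "example-sidecar-injector"},
  "webhooks": [{"name": "inject.example.internal",
    "clientConfig": {"service": {"namespace": "mesh-system", "name": "injector"}},
    "rules": [{"apiGroups": [""], "resources": ["pods"], "operations": ["CREATE"]}],
    "namespaceSelector": {"matchLabels": {"inject": "enabled"}}}]},
 {"kind": "MutatingWebhookConfiguration", "metadata": {"name": "example-unreviewed-hook"},
  "webhooks": [{"name": "mutate.example.invalid",
    "clientConfig": {"url": "https://hooks.example.invalid/mutate"},
    "rules": [{"apiGroups": ["*"], "resources": ["*"], "operations": ["*"]}],
    "namespaceSelector": {}}]}
]}
""")


def review_points(webhook):
    """Reasons one webhook entry deserves closer verification (heuristics are assumptions)."""
    points = []
    if "url" in webhook.get("clientConfig", {}):
        points.append("endpoint is a URL, not an in-cluster Service")
    for rule in webhook.get("rules", []):
        scope = rule.get("apiGroups", []) + rule.get("resources", [])
        if any(value.startswith("*") for value in scope):
            points.append("rule matches wildcard API groups or resources")
            break
    # An absent or empty selector matches every namespace / object.
    if not webhook.get("namespaceSelector") and not webhook.get("objectSelector"):
        points.append("no namespace or object selector: applies cluster-wide")
    return points


def inventory(doc):
    """One row per webhook: configuration, webhook name, target, review points."""
    configs = doc["items"] if doc.get("kind", "").endswith("List") else [doc]
    rows = []
    for cfg in configs:
        for hook in cfg.get("webhooks", []):
            client = hook.get("clientConfig", {})
            svc = client.get("service", {})
            target = client.get("url") or f'{svc.get("namespace")}/{svc.get("name")}'
            rows.append({"config": cfg["metadata"]["name"], "webhook": hook["name"],
                         "target": target, "points": review_points(hook)})
    return rows


if __name__ == "__main__":
    for row in inventory(SAMPLE):
        print(row["config"], row["webhook"], row["target"], row["points"] or "no flags")
```

Webhooks that come back with no flags still need an owner who can confirm they are necessary; the flags only order the review.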

Example

No example