Role or ClusterRole with dangerous permissions Affecting RoleBinding service in Kubernetes

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CIS-Kubernetes-Foundations CSA-CCM

Snyk ID SNYK-CC-K8S-47
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.

How to fix?

Consider removing these permissions

References

https://kubernetes.io/docs/reference/access-authn-authz/rbac/