Role or ClusterRole with dangerous permissions Affecting RoleBinding service in Kubernetes


Severity

medium

    Is your enviroment affected by this misconfiguration?

    In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

    Test your applications
      Frameworks
      CIS-Controls CIS-Kubernetes-Foundations CSA-CCM
    • Snyk ID SNYK-CC-K8S-47
    • credit Snyk Research Team

    Description

    Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.

    How to fix?

    Consider removing these permissions