Azure: Kubernetes RoleBindings (AKS fleet member)
Kubernetes namespaced RoleBindings on a member cluster of an AKS fleet. A RoleBinding grants the permissions of a referenced Role or ClusterRole to a set of subjects (users, groups, or service accounts) within its namespace, and is the core mechanism of Kubernetes RBAC access control.
RBAC bindings govern who can do what in the cluster; controlling them enables cluster-admin-level privilege escalation, hence CRITICAL.
Permission: Microsoft.ContainerService/fleets/members/rbac.authorization.k8s.io/rolebindings/write
Creating/updating a RoleBinding binds any role (including admin) to an attacker-controlled subject, directly granting elevated cluster privileges.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or lead, if exploited, to significant privilege escalation.
Contributed by P0 Security