services / Azure / Kubernetes role bindings (AKS Fleet)
Kubernetes RoleBinding objects in an AKS Fleet cluster, which grant the permissions of a Role or ClusterRole to subjects (users, groups, service accounts) within a namespace.
RoleBindings are the access-control grants that map identities to RBAC roles. Creating one can bind an attacker-controlled identity to cluster-admin, so RoleBindings are treated as a CRITICAL access-control asset.
Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write
Creating or updating a RoleBinding binds a role (possibly an admin role) to an attacker-controlled subject, which is the canonical RBAC privilege-escalation primitive.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or, if exploited, lead to significant privilege escalation.
Contributed by P0 Security