Workload misconfigurations

Docker container escape

Platform(s)
  • Non-platform specific

Compliance Frameworks
  • MITRE ATT&CK
  • NIST 800-190

Description

Docker Socket '{DockerSocket}' was found to have mounted sockets. The Docker socket is the UNIX socket that the Docker daemon listens on, and it is the primary entry point for the Docker API. The socket is owned by root, so giving someone access to it is equivalent to giving them unrestricted root access to your host.
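
A defender-side check for this finding, added here as an example and not taken from the original page: it parses `docker inspect` output and reports bind mounts that expose the Docker socket, either directly or through a parent directory. The default socket paths and the sample containers are assumptions constructed for illustration.

```python
import json
import posixpath

# Assumed default daemon socket locations; /var/run is normally a symlink to /run.
SOCKET_PATHS = ("/var/run/docker.sock", "/run/docker.sock")

def exposes_socket(source):
    """True if a host path is the Docker socket or a directory containing it."""
    src = posixpath.normpath(source)
    if src == "/":
        return True  # the whole host filesystem includes the socket
    return any(src == s or s.startswith(src + "/") for s in SOCKET_PATHS)

def find_socket_mounts(inspect_json):
    """Return one finding per bind mount that exposes the Docker socket."""
    findings = []
    for c in json.loads(inspect_json):
        for m in c.get("Mounts", []):
            if m.get("Type") == "bind" and exposes_socket(m.get("Source", "")):
                findings.append({
                    "container": c.get("Name", "").lstrip("/"),
                    "source": m["Source"],
                    "destination": m.get("Destination", ""),
                    # A read-only bind mount does not block connect() on the
                    # socket, so the finding is reported either way.
                    "read_only": not m.get("RW", True),
                })
    return findings

# Constructed sample in the shape of `docker inspect <container>...` output.
SAMPLE = json.dumps([
    {"Name": "/ci-agent", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock", "RW": True}]},
    {"Name": "/monitor", "Mounts": [
        {"Type": "bind", "Source": "/var/run",
         "Destination": "/host/run", "RW": False}]},
    {"Name": "/web", "Mounts": [
        {"Type": "volume", "Source": "/var/lib/docker/volumes/web/_data",
         "Destination": "/data", "RW": True},
        {"Type": "bind", "Source": "/srv/app/config",
         "Destination": "/etc/app", "RW": False}]},
])

if __name__ == "__main__":
    for finding in find_socket_mounts(SAMPLE):
        print(finding)
```

On a live host the input would be the JSON printed by `docker inspect` for the running containers; a non-default socket path configured for the daemon needs to be added to `SOCKET_PATHS`.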