User Privilege Escalation – Authentication Key Management (Project Scope)
The User '{GcpUser}' has an IAM policy containing permissions that allow privilege escalation, at the project level. One or more...
Blog
Service Account Privilege Escalation – Service Update (Resource Scope)
The Service account '{GcpIamServiceAccount}' has an IAM policy containing permissions that allow privilege escalation, at the resource level ({GcpIamServiceAccount.PolicyBindings.Policy.Scope}). One...
Group Policy Preferences with cpassword
We have found Group Policy Preferences file '{CpasswordFile}' with cpassword for {CpasswordFile.Cpasswords}. A cpassword is used for setting passwords from...
Controller creating pods with hostNetwork enabled
hostNetwork when set to true allows the pod to use the network namespace and network resources of the node. In...
Controller creating pods with enabled hostPID, hostIPC, hostNetwork and with privileged Docker
Docker privileged mode grants a Docker container root capabilities to all devices on the host system. hostPID when set to...
Function app environment variables expose secrets
Azure Functions is Azure's serverless solution. Environment variables are key-value pairs of data which are forwarded to the execution environment...
Web app environment variables expose secrets
Azure Functions is Azure's serverless solution. Environment variables are key-value pairs of data which are forwarded to the execution environment...
Controller creating containers that are running as root or have the option to run as root
When assessing which user the controller allows its containers to run as, there are 3 parameters: 1. RunAsUser - define...
Controller creating containers with the NET_RAW capability enabled
Linux Capabilities refer to the division of the privileges, which are traditionally associated with superuser, into distinct units which can...