Controller creating containers with AllowPrivilegeEscalation turned on

Lateral movement

Controller creating containers with AllowPrivilegeEscalation turned on

Platform(s)

Compliance Frameworks

AKS CIS
Brazilian General Data Protection (LGPD)
CCPA
CPRA
EKS CIS
essential_8_au
GDPR
GKE CIS
iso_27001_2022
iso_27002_2022
K8s CIS
K8s OWASP Top 10
New Zealand Information Security Manual
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
pipeda
UK Cyber Essentials

Description

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process and it defaults to True. The controller {K8sController} was found configured with settings that allows the creation of containers that have the AllowPrivilegeEscalation flag set to True. The Container's SecurityContext attributes are responsible for limiting the potential attack vector beyond the container-level context. An adversary can use this misconfiguration to compromise the cluster.

Controller creating containers with AllowPrivilegeEscalation turned on

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS