Lateral movement

Controller creating containers with AllowPrivilegeEscalation turned on


AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process and it defaults to True. The controller {K8sController} was found configured with settings that allows the creation of containers that have the AllowPrivilegeEscalation flag set to True. The Container's SecurityContext attributes are responsible for limiting the potential attack vector beyond the container-level context. An adversary can use this misconfiguration to compromise the cluster.