Lateral movement

Controller creating pods with hostPID, hostIPC and hostNetwork enabled and with a privileged Docker container

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Docker privileged mode (`privileged: true` in a container's securityContext) removes most of the isolation between the container and the node: the container runs with every Linux capability and direct access to the host's devices, which makes its processes essentially equivalent to root on the node. hostPID set to true places the pod in the node's process ID namespace, so it can see and signal every host process. hostNetwork set to true places the pod in the node's network namespace and gives it the node's interfaces and ports. hostIPC set to true places the pod in the node's IPC namespace, so it can read and write the shared memory segments and message queues of host processes. Controller {K8sController} was found configured with a pod template that enables all of the above. These pod security attributes are what confine an attacker who compromises a container to that pod; once they are enabled, the same compromise reaches the node (for example, hostPID together with privileged mode lets the attacker nsenter into the namespaces of the node's init process) and, through the node, the credentials of every other pod scheduled on it. An adversary can use this misconfiguration to move laterally and compromise the cluster.
  • Recommended Mitigation

    Remove hostNetwork, hostPID, hostIPC and privileged from the pod template of {K8sController} (omitting them is equivalent to false), and confirm that no container in the template, including initContainers, sets securityContext.privileged to true. If the workload genuinely needs one of these attributes (node agents often need hostNetwork or hostPID), grant only that one and keep the container unprivileged with a minimal capability set. To prevent recurrence, enforce at least the `baseline` Pod Security Standard on the namespace with Pod Security Admission, which rejects all four settings at admission time.
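The check this rule describes can be run offline against the JSON form of a controller, as kubectl prints it with `-o json`. The script below is an added example, not code from the original page or from the scanner that produced this finding; the two Deployment manifests in it are constructed for the example (the first is the misconfiguration the rule matches, the second is the same workload after the mitigation), and the image name `example.invalid/agent:1.0` is a placeholder.

```python
"""Flag Kubernetes controllers whose pod template enables host namespaces or privileged containers.

Added example for the rule above, not the scanner's own code. Input is the JSON
form of a workload object or a kubectl List, e.g.
`kubectl get deploy,ds,sts,cronjob -A -o json` parsed with json.loads.
"""
import json

# Pod-level attributes that share a host namespace with the node.
HOST_NAMESPACE_FIELDS = ("hostPID", "hostIPC", "hostNetwork")
# Every place a container spec can appear inside a pod spec.
CONTAINER_GROUPS = ("initContainers", "containers", "ephemeralContainers")


def pod_spec_of(obj):
    """Return the pod spec embedded in a workload object.

    Pods carry it directly; Deployments, DaemonSets, StatefulSets, ReplicaSets
    and Jobs carry it under spec.template; CronJobs nest it one level deeper
    under spec.jobTemplate.spec.template.
    """
    kind = obj.get("kind")
    spec = obj.get("spec") or {}
    if kind == "Pod":
        return spec
    if kind == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    return (spec.get("template") or {}).get("spec") or {}


def find_violations(obj):
    """List every attribute that enables a host namespace or privileged mode.

    Returns e.g. ['hostPID', 'containers/agent: privileged']; an empty list
    means the object does not match this rule. Only a literal true counts,
    because an omitted field is false in the Kubernetes API.
    """
    pod = pod_spec_of(obj)
    findings = [f for f in HOST_NAMESPACE_FIELDS if pod.get(f) is True]
    for group in CONTAINER_GROUPS:
        for container in pod.get(group) or []:
            ctx = container.get("securityContext") or {}
            if ctx.get("privileged") is True:
                findings.append(f"{group}/{container.get('name', '?')}: privileged")
    return findings


def is_compliant(obj):
    return not find_violations(obj)


def scan_json(text):
    """Scan a single object or a kubectl List; map namespace/kind/name to its findings."""
    doc = json.loads(text)
    items = doc.get("items") or [] if doc.get("kind") == "List" else [doc]
    report = {}
    for item in items:
        meta = item.get("metadata") or {}
        key = f"{meta.get('namespace', 'default')}/{item.get('kind')}/{meta.get('name')}"
        findings = find_violations(item)
        if findings:
            report[key] = findings
    return report


# Constructed sample: the misconfiguration the rule describes.
VULNERABLE_DEPLOYMENT = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "node-agent", "namespace": "monitoring"},
    "spec": {"template": {"spec": {
        "hostPID": True, "hostIPC": True, "hostNetwork": True,
        "containers": [{"name": "agent", "image": "example.invalid/agent:1.0",
                        "securityContext": {"privileged": True}}],
    }}},
}

# Constructed sample: the same workload after the mitigation. The host namespace
# fields are simply omitted (equivalent to false) and the container is locked down.
HARDENED_DEPLOYMENT = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "node-agent-hardened", "namespace": "monitoring"},
    "spec": {"template": {"spec": {
        "containers": [{"name": "agent", "image": "example.invalid/agent:1.0",
                        "securityContext": {"privileged": False,
                                            "allowPrivilegeEscalation": False,
                                            "capabilities": {"drop": ["ALL"]}}}],
    }}},
}

# What `kubectl get deploy -n monitoring -o json` would return for the two samples.
SAMPLE_LIST_JSON = json.dumps({"kind": "List", "items": [VULNERABLE_DEPLOYMENT, HARDENED_DEPLOYMENT]})


if __name__ == "__main__":
    for key, findings in scan_json(SAMPLE_LIST_JSON).items():
        print(key, "->", ", ".join(findings))
```

Only the vulnerable Deployment is reported; the hardened one produces no findings. Pipe real cluster output in with `kubectl get deploy,ds,sts,cronjob -A -o json | python3 scan.py` after replacing the sample with `sys.stdin.read()`.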