Lateral movement

Controller creating pods with hostNetwork enabled

Platform(s)

  • Non-platform specific

Compliance Frameworks

AKS CIS, Data Security Posture Management (DSPM) Best Practices, EKS CIS, GKE CIS, iso_27001_2022, iso_27002_2022, K8s CIS, Mitre ATT&CK, NIST 800-190

Description

hostNetwork when set to true allows the pod to use the network namespace and network resources of the node. In this case, the pod can access loopback devices, listen to addresses, and monitor the traffic of other pods on the node. Controller {K8sController} was found configured with settings that allows creating a pod that can use network namespace and network resources of the node. The pod security attributes are responsible for limiting the potential attack vector beyond the pod-level context. An adversary can use these misconfiguration to compromise the cluster.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo