Lateral movement

Controller creating pods with hostPID enabled and with privileged Docker


Docker privileged mode grants a Docker container root capabilities to all devices on the host system. hostPID when set to true allows a pod to have access to the host process ID namespace. Controller {K8sController} was found configured with settings that allows creating a pod with privileged Docker and with access to the host process ID namespace. The pod security attributes are responsible for limiting the potential attack vector beyond the pod-level context. An adversary can use these misconfiguration to compromise the cluster.