Controller creating pods with hostPID enabled and with privileged Docker

Lateral movement

Controller creating pods with hostPID enabled and with privileged Docker

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
CPRA
essential_8_au
GDPR
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
pipeda
UK Cyber Essentials

Description

Docker privileged mode grants a Docker container root capabilities to all devices on the host system. hostPID when set to true allows a pod to have access to the host process ID namespace. Controller {K8sController} was found configured with settings that allows creating a pod with privileged Docker and with access to the host process ID namespace. The pod security attributes are responsible for limiting the potential attack vector beyond the pod-level context. An adversary can use these misconfiguration to compromise the cluster.

Controller creating pods with hostPID enabled and with privileged Docker

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS