Lateral movement

Controller creating pods with privileged Docker

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Docker privileged mode grants a Docker container root capabilities to all devices on the host system. Controller {K8sController} was found configured with settings that allow creating a pod with privileged Docker. The pod security attributes are what limit the potential attack surface to the pod-level context; a privileged container is not confined by them. An adversary can use this misconfiguration to compromise the cluster.
  • Recommended Mitigation

    Consider disabling the following attribute: Privileged
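As an added example that is not part of this finding and not the scanner's own detection logic, the following Python check walks a controller's pod template, reports every container that sets securityContext.privileged: true, and applies the recommended mitigation; the Deployment manifest is constructed sample data and the container names are made up.

```python
# Added example, not the finding's own logic: flag containers in a controller's
# pod template that request Docker privileged mode, then apply the mitigation.
import copy
import json

# Constructed sample Deployment: two of its three containers run privileged.
PRIVILEGED_DEPLOYMENT = json.loads("""
{
  "apiVersion": "apps/v1", "kind": "Deployment",
  "metadata": {"name": "example-agent"},
  "spec": {"template": {"spec": {
    "initContainers": [
      {"name": "setup", "image": "busybox", "securityContext": {"privileged": true}}
    ],
    "containers": [
      {"name": "agent", "image": "example/agent", "securityContext": {"privileged": true}},
      {"name": "sidecar", "image": "example/sidecar", "securityContext": {"privileged": false}}
    ]
  }}}
}
""")

CONTAINER_FIELDS = ("initContainers", "containers", "ephemeralContainers")

def pod_spec(obj):
    """Pod spec lives under spec.template for Deployment/StatefulSet/DaemonSet/Job,
    one level deeper for CronJob, and at the top level for a bare Pod."""
    spec = obj.get("spec", {})
    if obj.get("kind") == "CronJob":
        spec = spec.get("jobTemplate", {}).get("spec", {})
    if obj.get("kind") == "Pod":
        return spec
    return spec.get("template", {}).get("spec", {})

def privileged_containers(obj):
    """Return 'field/name' for every container that sets securityContext.privileged: true."""
    findings = []
    for field in CONTAINER_FIELDS:
        for c in pod_spec(obj).get(field, []):
            if c.get("securityContext", {}).get("privileged") is True:
                findings.append(f"{field}/{c.get('name')}")
    return findings

def harden(obj):
    """Copy of obj with the recommended mitigation applied: privileged disabled everywhere."""
    fixed = copy.deepcopy(obj)
    for field in CONTAINER_FIELDS:
        for c in pod_spec(fixed).get(field, []):
            c.setdefault("securityContext", {})["privileged"] = False
    return fixed
```

Running privileged_containers over the sample reports the init container and the agent container but not the sidecar; after harden the same check returns an empty list while the original manifest is left untouched.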