Workload misconfigurations

Docker container escape

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Docker Socket '{DockerSocket}' was found to have mounted sockets. The Docker socket is the UNIX socket that Docker listens on, and it is the primary entry point for the Docker API. The socket is owned by root, so giving someone access to it is equivalent to giving them unrestricted root access to your host.
Recommended Mitigation

Avoid mapping the Docker socket into containers.
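
One way to audit a host for this condition, as an added example that is not part of the original rule: the script reads `docker inspect` JSON and reports every container with a bind mount that exposes the Docker socket, either directly or through a parent directory. The function names, the default socket paths and the sample containers are assumptions constructed for illustration.

```python
import json
import posixpath

# Assumption: default socket locations. Add the path if dockerd listens elsewhere.
DOCKER_SOCKET_PATHS = ("/var/run/docker.sock", "/run/docker.sock")


def exposes_socket(source):
    """True if a bind-mount source is the socket or a directory that contains it."""
    src = posixpath.normpath(source).rstrip("/")
    return any(src == s or s.startswith(src + "/") for s in DOCKER_SOCKET_PATHS)


def find_socket_mounts(inspect_json):
    """Return (container, host_source, container_path, writable) for each exposing mount."""
    findings = []
    for c in json.loads(inspect_json):
        name = c.get("Name", "").lstrip("/") or c.get("Id", "unknown")[:12]
        for m in c.get("Mounts") or []:
            if m.get("Type") == "bind" and exposes_socket(m.get("Source", "")):
                # Read-only binds are reported too: ':ro' does not make the socket safe.
                findings.append((name, m["Source"], m.get("Destination", ""), bool(m.get("RW"))))
    return findings


# Constructed sample in the shape of `docker inspect` output (not real data).
SAMPLE_INSPECT = json.dumps([
    {"Name": "/ci-agent", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock", "RW": True}]},
    {"Name": "/monitor", "Mounts": [
        {"Type": "bind", "Source": "/var/run", "Destination": "/host/run", "RW": False}]},
    {"Name": "/web", "Mounts": [
        {"Type": "volume", "Source": "/var/lib/docker/volumes/pgdata/_data",
         "Destination": "/var/lib/postgresql/data", "RW": True},
        {"Type": "bind", "Source": "/srv/data", "Destination": "/data", "RW": True}]},
])

if __name__ == "__main__":
    for name, src, dst, rw in find_socket_mounts(SAMPLE_INSPECT):
        print(f"{name}: host {src} -> {dst} ({'rw' if rw else 'ro'})")
```

On a real host, pass the output of `docker inspect $(docker ps -q)` to `find_socket_mounts` instead of the sample.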