Incorrect Permission Assignment for Critical Resource
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-732: Incorrect Permission Assignment for Critical Resource |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The container’s securityContext has ‘allowPrivilegeEscalation’ set to true, which allows processes inside the container to gain additional privileges. This setting can let attackers exploit vulnerabilities to run code with higher permissions than intended.
Impact#
If exploited, an attacker could escalate privileges within the container, potentially gaining access to sensitive data, interfering with other processes, or compromising the underlying host or cluster. This increases the risk of data breaches and unauthorized control over workloads.