Execution with Unnecessary Privileges

| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-250: Execution with Unnecessary Privileges |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |

Description
The container or pod is configured to run in privileged mode, giving it broad access to the host system. This setting should be avoided as it grants the container unnecessary system-level privileges.
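
An added example, not part of the original rule page or of any scanner's own code: a minimal check for this finding, assuming the rule targets Kubernetes manifests, where privileged mode is the `securityContext.privileged` field of a container. The manifests, names and image references are constructed, and `pod_spec`, `find_privileged` and `scan` are hypothetical helper names.

```python
# Constructed sample manifests as Python dicts (the shape `kubectl get -o json` returns).
SAMPLES = [
    {"kind": "Pod", "metadata": {"name": "debug-tools"},
     "spec": {"containers": [
         {"name": "shell", "image": "example.invalid/shell:1",
          "securityContext": {"privileged": True}}]}},          # flagged
    {"kind": "Deployment", "metadata": {"name": "web"},
     "spec": {"template": {"spec": {
         "initContainers": [
             {"name": "sysctl-init", "image": "example.invalid/init:1",
              "securityContext": {"privileged": True}}],        # flagged
         "containers": [
             {"name": "app", "image": "example.invalid/app:1",  # hardened form
              "securityContext": {"privileged": False,
                                  "allowPrivilegeEscalation": False,
                                  "runAsNonRoot": True,
                                  "capabilities": {"drop": ["ALL"]}}}]}}}},
    {"kind": "CronJob", "metadata": {"name": "report"},
     "spec": {"jobTemplate": {"spec": {"template": {"spec": {
         "containers": [{"name": "job", "image": "example.invalid/job:1"}]}}}}}},
]

# Every list in a PodSpec that can hold a container definition.
CONTAINER_KEYS = ("containers", "initContainers", "ephemeralContainers")

def pod_spec(obj):
    """Return the PodSpec of a Pod, or of a workload that embeds a pod template."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    if obj.get("kind") == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    return (spec.get("template") or {}).get("spec") or {}

def find_privileged(obj):
    """List (kind/name, container) pairs that set securityContext.privileged: true."""
    owner = f'{obj.get("kind")}/{(obj.get("metadata") or {}).get("name")}'
    hits = []
    for key in CONTAINER_KEYS:
        for c in pod_spec(obj).get(key) or []:
            if (c.get("securityContext") or {}).get("privileged") is True:
                hits.append((owner, c.get("name")))
    return hits

def scan(objs):
    return [hit for obj in objs for hit in find_privileged(obj)]

if __name__ == "__main__":
    for owner, container in scan(SAMPLES):
        print(f"CWE-250: {owner} container '{container}' runs privileged")
```

Init and ephemeral containers are checked as well because `privileged` is set per container, so a pod whose main container is hardened can still carry a privileged one.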

Impact
If exploited, an attacker could break out of the container to access or control the host machine, potentially leading to full system compromise, data breaches, or disruption of other workloads running on the same host.