Execution with Unnecessary Privileges
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-250: Execution with Unnecessary Privileges |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The container is configured to run as the root user because the ‘runAsNonRoot: true’ setting is missing in the Kubernetes securityContext. Running containers as root increases the risk of privilege escalation if the application is compromised.
Impact
If exploited, an attacker who gains access to the container could obtain root privileges, allowing them to modify system files, escalate privileges, or access sensitive data. This could lead to a full compromise of the container and potentially the host or other services in the cluster.
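
The setting named in the description, shown as a flagged manifest beside a corrected one. This is an added example, not taken from the rule's own documentation; the pod names, image reference and UID 10001 are constructed placeholders.

```yaml
# Constructed manifests for illustration; names, image and UID are assumptions.

# Flagged: no runAsNonRoot at pod or container level, so nothing prevents
# the container from starting as UID 0 when the image's user is root.
apiVersion: v1
kind: Pod
metadata:
  name: example-app-flagged
spec:
  containers:
    - name: app
      image: registry.example.com/example-app:1.0.0
---
# Corrected: the pod-level securityContext applies to every container in the pod.
apiVersion: v1
kind: Pod
metadata:
  name: example-app
spec:
  securityContext:
    runAsNonRoot: true   # kubelet refuses to start a container that would run as UID 0
    runAsUser: 10001     # explicit non-zero UID (assumed value), independent of the image's USER
  containers:
    - name: app
      image: registry.example.com/example-app:1.0.0
      securityContext:
        # A container-level value takes precedence over the pod-level one;
        # repeating it here keeps the guarantee if the pod-level block changes.
        runAsNonRoot: true
```

With `runAsNonRoot: true` and no `runAsUser`, a container whose image runs as root or declares a non-numeric user fails to start instead of running as root, so check the image's user before rolling the change out.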