Property
Language: yaml
Severity: low
CWE: CWE-250: Execution with Unnecessary Privileges
OWASP: A05:2021 - Security Misconfiguration
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The container is allowed to run as the root user because the ‘runAsNonRoot: true’ setting is missing from its security context. This increases the risk of privilege escalation within your Kubernetes pods.
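
A manifest of the kind this finding describes, next to a corrected one. This is an added example, not taken from the rule's own test cases; the Pod names, image reference and UID are constructed placeholders.

```yaml
# Constructed manifests for illustration; names, image and UID are placeholders.
---
# Flagged: the container has no securityContext, so nothing stops it from
# running as the image's default user, which is root (UID 0) unless the
# image declares another one.
apiVersion: v1
kind: Pod
metadata:
  name: app-flagged
spec:
  containers:
    - name: app
      image: registry.example.com/app:1.0
---
# Corrected: runAsNonRoot makes the kubelet refuse to start the container
# if it would run as UID 0.
apiVersion: v1
kind: Pod
metadata:
  name: app-hardened
spec:
  containers:
    - name: app
      image: registry.example.com/app:1.0
      securityContext:
        runAsNonRoot: true
        # A numeric UID lets the kubelet verify the non-root requirement
        # even when the image names its user by string or names none.
        # The UID must have the file permissions the application needs.
        runAsUser: 10001
```

The same two fields can also be set once in the Pod-level `spec.securityContext`, where they apply to every container that does not override them. If the image runs as root and no `runAsUser` is given, the hardened Pod fails to start instead of silently running as root.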

Impact

If exploited, an attacker could gain root-level access inside the container, potentially allowing them to access sensitive data, manipulate the environment, or break out of the container to compromise the host or other containers, putting your application and infrastructure at risk.