Property
Language: dockerfile
Severity: high
CWE: CWE-862: Missing Authorization
Confidence Level: High
Impact Level: High
Likelihood Level: Medium

Description

Mounting the Docker socket (docker.sock) inside a container gives processes in the container full control over the Docker host. If the container is compromised, the host itself is therefore at risk.

Impact

If an attacker gains access to the container, they can use the Docker socket to escape the container and execute arbitrary commands on the host system, potentially leading to full system compromise, data breaches, or lateral movement across your infrastructure.
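
One way to catch this mount before deployment, as an added example that is not part of the original rule or its project: a line-based scan over Compose files, docker CLI commands and Dockerfiles. The patterns, the function name `find_socket_mounts` and the sample input are assumptions made for illustration.

```python
import re

# Added illustration; the patterns are this example's own heuristics, not a
# complete parser for Compose files, the docker CLI, or Dockerfiles.
MOUNT_PATTERNS = [
    ("docker run -v/--volume", re.compile(r"(?:-v|--volume)[ =]\S*docker\.sock")),
    ("docker run --mount", re.compile(r"--mount[ =]\S*(?:source|src)=\S*docker\.sock")),
    ("compose short syntax", re.compile(r"^\s*-\s*[\"']?\S*docker\.sock\s*:")),
    ("compose long syntax", re.compile(r"^\s*(?:-\s*)?source:\s*[\"']?\S*docker\.sock")),
    # VOLUME only declares a mount point, but it shows the image expects the socket.
    ("Dockerfile VOLUME", re.compile(r"^\s*VOLUME\b.*docker\.sock", re.I)),
]

def find_socket_mounts(text):
    """Return (line number, kind, line) for each line that mounts docker.sock."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):  # skip YAML/shell/Dockerfile comments
            continue
        for kind, pattern in MOUNT_PATTERNS:
            if pattern.search(line):
                findings.append((lineno, kind, line.strip()))
                break  # one finding per line is enough
    return findings

# Constructed sample input: a Compose file followed by a shell command.
SAMPLE = """\
services:
  ci-agent:
    image: example/ci-agent
    environment:
      - DOCKER_HOST=unix:///var/run/docker.sock
    volumes:
      # - /var/run/docker.sock:/var/run/docker.sock
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - build-cache:/cache
  monitor:
    image: example/monitor
    volumes:
      - type: bind
        source: /var/run/docker.sock
        target: /var/run/docker.sock
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock example/tool
"""

if __name__ == "__main__":
    for lineno, kind, line in find_socket_mounts(SAMPLE):
        print(f"line {lineno}: {kind}: {line}")
```

The `:ro` mount in the sample is still reported, because a read-only bind mount does not stop a process from connecting to the socket and calling the Docker API.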