Privileged
| Property | |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | misconfiguration |
Description
Containers configured with ‘securityContext.privileged: true’ run with elevated permissions, effectively removing the isolation between the container and the host system. This misconfiguration allows containers to access and modify host resources directly.
Impact
Exploiting privileged containers allows attackers to break out of the container, access or control the underlying host, escalate privileges, and compromise the entire Kubernetes cluster, leading to significant security breaches and potential data loss.
Resolution
Change ‘containers[].securityContext.privileged’ to ‘false’.
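One way to audit for this setting before applying the fix, as an added example that is not part of the original page or of any scanner's own code. It goes beyond `containers[]` to also check `initContainers` and `ephemeralContainers`, which carry the same field; the function names and the sample manifest are assumptions made for illustration.

```python
import json

# Constructed sample manifest (JSON form, as `kubectl get -o json` emits); all names are made up.
SAMPLE = json.loads("""
{"kind": "Deployment", "metadata": {"name": "demo"},
 "spec": {"template": {"spec": {
   "initContainers": [
     {"name": "init-sysctl", "securityContext": {"privileged": true}}],
   "containers": [
     {"name": "web", "securityContext": {"privileged": false}},
     {"name": "agent", "securityContext": {"privileged": true}},
     {"name": "sidecar"}]}}}}
""")

# privileged is a container-level field, so every container list must be checked.
CONTAINER_FIELDS = ("containers", "initContainers", "ephemeralContainers")


def pod_spec(obj):
    """Return the pod spec of a Pod, a CronJob, or any workload with spec.template."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    if obj.get("kind") == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    return (spec.get("template") or {}).get("spec") or {}


def privileged_containers(obj, fix=False):
    """Return (field, name) for each container with privileged: true.

    With fix=True the flag is set to false in place, which is the page's resolution.
    """
    hits = []
    spec = pod_spec(obj)
    for field in CONTAINER_FIELDS:
        for container in spec.get(field) or []:
            ctx = container.get("securityContext") or {}
            if ctx.get("privileged") is True:
                hits.append((field, container.get("name")))
                if fix:
                    ctx["privileged"] = False
    return hits


if __name__ == "__main__":
    for field, name in privileged_containers(SAMPLE):
        print(f"privileged: {field}/{name}")
```

A container with no `securityContext` at all, like `sidecar` in the sample, is not flagged because `privileged` defaults to false.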