Property
Language: terraform
Severity: medium

Description

The network policy is missing podSelector or namespaceSelector fields, resulting in traffic not being properly restricted to specific pods or namespaces. Without these selectors, the policy does not effectively control which resources are affected.

Impact

If exploited, this misconfiguration can allow unauthorized ingress or egress traffic between pods, increasing the risk of lateral movement, data exposure, or attacks within the cluster due to insufficient network isolation.

Resolution

Create network policies and ensure that pods are selected using the podSelector and/or the namespaceSelector options.
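
The following is an added example, not part of the original rule page. It shows one shape of this misconfiguration next to a corrected policy. It assumes the hashicorp/kubernetes provider's `kubernetes_network_policy` resource; the resource names, namespaces, labels and port are constructed for illustration.

```hcl
# Added example: names, namespaces, labels and port are constructed.

# Weak: the empty pod_selector matches every pod in the namespace, and the
# ingress rule lists no "from" peers, so any source may reach port 5432.
resource "kubernetes_network_policy" "db_unrestricted" {
  metadata {
    name      = "db-unrestricted"
    namespace = "data"
  }
  spec {
    pod_selector {}
    ingress {
      ports {
        port     = "5432"
        protocol = "TCP"
      }
    }
    policy_types = ["Ingress"]
  }
}

# Corrected: the policy applies only to pods labelled app=postgres, and
# admits traffic only from app=api pods in the "backend" namespace.
resource "kubernetes_network_policy" "db_from_api" {
  metadata {
    name      = "db-from-api"
    namespace = "data"
  }
  spec {
    pod_selector {
      match_labels = { app = "postgres" }
    }
    ingress {
      from {
        # Both selectors in one "from" block are ANDed together.
        namespace_selector {
          match_labels = { "kubernetes.io/metadata.name" = "backend" }
        }
        pod_selector {
          match_labels = { app = "api" }
        }
      }
      ports {
        port     = "5432"
        protocol = "TCP"
      }
    }
    policy_types = ["Ingress"]
  }
}
```

Splitting `namespace_selector` and `pod_selector` into two separate `from` blocks changes the meaning to OR, which admits every pod in the `backend` namespace as well as every `app=api` pod in the policy's own namespace.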