Prevent binding to privileged ports
| Property | |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | omission |
Description
Container configurations map application ports to host ports below 1024, which are reserved for privileged system services and sensitive network traffic. This exposes critical ports to containerized workloads, increasing the risk of unauthorized access.
Impact
If this is exploited, attackers could intercept or interfere with system-level services by binding to these privileged ports, potentially enabling data interception, service disruption, or privilege escalation within the host environment.
Resolution
Do not map the container ports to privileged host ports when starting a container.
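
One way to check for this before a container is started is shown below. It is an added example, not code from the rule itself: it parses the `-p`/`--publish` values of a `docker run` command line and reports any that fix a host port below 1024. The function names, the sample commands and the `example/app` image name are assumptions made for illustration.

```python
import shlex

PRIVILEGED_MAX = 1023  # host ports below 1024 are privileged


def publish_specs(command):
    """Extract the values of -p/--publish from a `docker run` command line."""
    args = shlex.split(command)
    specs = []
    for i, arg in enumerate(args):
        if arg in ("-p", "--publish") and i + 1 < len(args):
            specs.append(args[i + 1])
        elif arg.startswith("--publish="):
            specs.append(arg.split("=", 1)[1])
    return specs


def host_port_range(spec):
    """Return (low, high) host ports of one publish spec, or None when no
    host port is fixed and Docker assigns an ephemeral one."""
    spec = spec.split("/", 1)[0]          # drop /tcp, /udp, /sctp
    if spec.startswith("["):              # bracketed IPv6 host address
        spec = "ip" + spec[spec.index("]") + 1:]
    parts = spec.split(":")
    if len(parts) == 1 or parts[-2] == "":  # "8080" or "127.0.0.1::8080"
        return None
    low, _, high = parts[-2].partition("-")  # host side may be a range
    return int(low), int(high or low)


def privileged_mappings(command):
    """Return the publish specs in `command` that bind a host port < 1024."""
    flagged = []
    for spec in publish_specs(command):
        ports = host_port_range(spec)
        if ports and ports[0] <= PRIVILEGED_MAX:
            flagged.append(spec)
    return flagged


# Constructed sample commands; example/app is a placeholder image name.
SAMPLE_COMMANDS = [
    "docker run -d -p 80:8080 example/app",
    "docker run -d -p 8080:8080 example/app",
    "docker run -p 127.0.0.1:443:8443/tcp --publish 9000:9000 example/app",
    "docker run --publish=1000-1030:1000-1030 -p 127.0.0.1::53/udp example/app",
]

if __name__ == "__main__":
    for cmd in SAMPLE_COMMANDS:
        print(privileged_mappings(cmd) or "ok", "<-", cmd)
```

Only the host side of each mapping is checked: a container port below 1024, as in `8080:80` or `127.0.0.1::53/udp`, is not reported because it does not bind a privileged port on the host.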