Workloads in the default namespace
| Property | |
|---|---|
| Language |  |
| Severity |  |
Description#
Workloads are configured to run in the Kubernetes default namespace instead of a dedicated, isolated namespace. This practice reduces separation between resources and can lead to accidental access or changes across unrelated workloads.
Impact#
Using the default namespace increases the risk of privilege escalation, resource conflicts, and accidental exposure of sensitive workloads. Attackers or misconfigured processes may more easily discover, access, or interfere with critical resources, compromising the overall security and stability of the cluster.
Resolution#
Set ‘metadata.namespace’ to a non-default namespace.