SYM_CONF_0006 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Incorrect Permission Assignment for Critical Resource
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-732: Incorrect Permission Assignment for Critical Resource |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The container is configured with a writable root filesystem, which means applications inside the container can change or add files. This increases the risk of malicious code being downloaded or critical files being modified during runtime.
Impact
If exploited, attackers could write or replace files in the container, potentially installing malware, creating backdoors, or tampering with application code and data. This can lead to data breaches, unauthorized access, or the compromise of other systems connected to the container.