SYM_CONF_0008 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Privilege Management
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-269: Improper Privilege Management |
| OWASP | A04:2021 - Insecure Design |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The pod configuration enables 'hostPID', which allows containers to share the host's process ID namespace. This can let processes inside the container see and interact with processes running on the host, increasing the risk of privilege escalation.
Impact
If exploited, attackers could gain visibility into or control over host processes from within a compromised container, potentially escaping the container boundary and gaining elevated privileges on the host machine. This can lead to unauthorized access, process manipulation, or full host compromise.
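One way to audit manifests for this setting, added here as an example (it is not the rule's own implementation): the sketch walks the JSON form of Kubernetes objects and reports every workload whose pod spec sets hostPID to true. The function names and the sample manifests are constructed for illustration, and the list of workload kinds is an assumption that goes beyond the plain Pod case described above.

```python
import json

# Where the pod spec lives inside each workload kind.
TEMPLATE = ("spec", "template", "spec")
POD_SPEC_PATHS = {
    "Pod": ("spec",),
    "CronJob": ("spec", "jobTemplate") + TEMPLATE,
    **{kind: TEMPLATE for kind in ("Deployment", "DaemonSet", "StatefulSet", "ReplicaSet", "Job")},
}

def iter_objects(doc):
    """Yield each object, unwrapping a kind: List wrapper."""
    if doc.get("kind") == "List":
        for item in doc.get("items", []):
            yield from iter_objects(item)
    else:
        yield doc

def pod_spec(obj):
    """Return the pod spec of a known workload kind, or {} if absent or unknown."""
    node = obj
    for key in POD_SPEC_PATHS.get(obj.get("kind"), ()):
        node = node.get(key) if isinstance(node, dict) else None
    return node if isinstance(node, dict) and node is not obj else {}

def find_host_pid(doc):
    """Return sorted 'Kind/namespace/name' for every workload with hostPID: true."""
    findings = []
    for obj in iter_objects(doc):
        # hostPID defaults to false, so only an explicit true is a finding.
        if pod_spec(obj).get("hostPID") is True:
            meta = obj.get("metadata", {})
            findings.append(f'{obj["kind"]}/{meta.get("namespace", "default")}/{meta.get("name", "?")}')
    return sorted(findings)

# Constructed sample input (not from the page): a DaemonSet and a CronJob that
# enable hostPID, and a Pod that leaves it at the default.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "DaemonSet", "metadata": {"name": "node-agent", "namespace": "monitoring"},
  "spec": {"template": {"spec": {"hostPID": true, "containers": [{"name": "a", "image": "example/agent"}]}}}},
 {"kind": "CronJob", "metadata": {"name": "cleanup"},
  "spec": {"jobTemplate": {"spec": {"template": {"spec": {"hostPID": true, "containers": []}}}}}},
 {"kind": "Pod", "metadata": {"name": "web"},
  "spec": {"containers": [{"name": "web", "image": "example/web"}]}}
]}
""")

if __name__ == "__main__":
    print("\n".join(find_host_pid(SAMPLE)))
```

A finding is cleared by removing the hostPID field from the pod spec or setting it to false.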