TF 0053 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Manages /etc/hosts
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
Description
Setting 'spec.template.spec.hostAliases' in Kubernetes resource definitions allows manual management of /etc/hosts entries inside containers, overriding default behavior and potentially preventing the container engine from updating this file as needed.
Impact
Improper management of /etc/hosts can lead to stale or incorrect DNS resolutions within containers, which may cause service disruptions, hinder container communication, or expose the system to man-in-the-middle attacks if host mappings are manipulated.
Resolution
Do not set 'spec.template.spec.hostAliases'.