TF 0423 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Default security context configured
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | omission |
Description
Kubernetes resources are configured with the default security context, which means critical security settings like user privileges and filesystem access are not explicitly restricted. This allows containers or pods to run with potentially excessive permissions, such as running as root.
Impact
If exploited, attackers could gain elevated privileges within containers or pods, enabling them to perform unauthorized actions, escalate privileges, or compromise the broader cluster. This increases the risk of data breaches, service disruption, or further lateral movement within the environment.
Resolution
To enhance security, do not rely on the default security context. Instead, explicitly define the required security parameters (such as runAsNonRoot, capabilities, readOnlyRootFilesystem, etc.) in the security context.
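As an added illustration (not part of this wiki entry or the database's own tooling), the following Python check flags the omission described above in a parsed Pod manifest, with a weak and a hardened manifest constructed inline. It assumes the manifest has already been parsed into a dict (as yaml.safe_load or json.load would return) and also checks allowPrivilegeEscalation, a container-level field not listed on this page.

```python
# Constructed example: checker for the "default security context" omission.
# Manifests are dicts of the shape yaml.safe_load / json.load give for a Pod.

def container_findings(container, pod_ctx):
    """List the settings a container still leaves at Kubernetes defaults."""
    ctx = container.get("securityContext", {})
    findings = []
    # runAsNonRoot may be set at pod level and inherited; container level wins.
    if ctx.get("runAsNonRoot", pod_ctx.get("runAsNonRoot")) is not True:
        findings.append("runAsNonRoot is not true (container may run as root)")
    # The remaining fields exist only on the container securityContext.
    if ctx.get("readOnlyRootFilesystem") is not True:
        findings.append("readOnlyRootFilesystem is not true")
    if ctx.get("allowPrivilegeEscalation") is not False:
        findings.append("allowPrivilegeEscalation is not false")
    if "ALL" not in ctx.get("capabilities", {}).get("drop", []):
        findings.append("capabilities.drop does not include ALL")
    return findings

def audit_pod(manifest):
    """Map each non-compliant container name to its findings; {} means clean."""
    spec = manifest["spec"]
    pod_ctx = spec.get("securityContext", {})
    report = {}
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        findings = container_findings(c, pod_ctx)
        if findings:
            report[c["name"]] = findings
    return report

# Weak form: no securityContext anywhere, so every setting is the default.
WEAK_POD = {
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "web-default-ctx"},
    "spec": {"containers": [{"name": "web", "image": "nginx:1.25"}]},
}

# Hardened form: the resolution's settings stated explicitly.
HARDENED_POD = {
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "web-hardened"},
    "spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
        "containers": [{"name": "web", "image": "nginx:1.25", "securityContext": {
            "allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True,
            "capabilities": {"drop": ["ALL"]}}}],
    },
}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        print(pod["metadata"]["name"], audit_pod(pod) or "OK")
```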