TF 0518 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Workloads in the default namespace

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | low |

Description

Workloads are configured to run in the Kubernetes default namespace instead of a dedicated, isolated namespace. This practice reduces separation between resources and can lead to accidental access or changes across unrelated workloads.

Impact

Using the default namespace increases the risk of privilege escalation, resource conflicts, and accidental exposure of sensitive workloads. Attackers or misconfigured processes may more easily discover, access, or interfere with critical resources, compromising the overall security and stability of the cluster.

Resolution

Set 'metadata.namespace' to a non-default namespace.
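
The resolution above, shown as a Terraform configuration with the weak setting beside the corrected one. This is an added example, not taken from the original page or the rule's own test cases; it assumes the hashicorp/kubernetes provider, and the resource names, namespace name, and image are hypothetical.

```hcl
# Added example. Names ("billing", "billing-api") and the image
# reference are illustrative assumptions, not values from the rule.

# Non-compliant: the workload is placed in the default namespace.
# With the hashicorp/kubernetes provider, leaving metadata.namespace
# unset has the same effect, because the attribute defaults to "default".
resource "kubernetes_pod" "billing_api_insecure" {
  metadata {
    name      = "billing-api"
    namespace = "default"
  }

  spec {
    container {
      name  = "app"
      image = "registry.example.com/billing-api:1.0.0"
    }
  }
}

# Compliant: create a dedicated namespace for the workload...
resource "kubernetes_namespace" "billing" {
  metadata {
    name = "billing"
  }
}

# ...and reference it from the workload's metadata.namespace, so the
# pod is only created after the namespace exists.
resource "kubernetes_pod" "billing_api" {
  metadata {
    name      = "billing-api"
    namespace = kubernetes_namespace.billing.metadata[0].name
  }

  spec {
    container {
      name  = "app"
      image = "registry.example.com/billing-api:1.0.0"
    }
  }
}
```

Referencing the namespace resource instead of repeating a string literal keeps the workload and its namespace in one dependency chain, so a renamed or removed namespace surfaces at plan time.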