Privilege Escalation in Kubernetes

Processes with in container can gain additional privileges is if `allowPrivilegeEscalation` is not set.

Remediation

apiVersion: apps/v1
kind: Deployment
spec:
  template:
    spec:
      containers:
      - name: myContainer
        securityContext:
          allowPrivilegeEscalation: false

Metadata

Severity: high
Slug: privilege-escalation-in-kubernetes

CWEs

250: Execution with Unnecessary Privileges

OWASP

A04:2021: Insecure Design

Available Labs

Select a language to explore available labs for this vulnerability.

2 Labs

Kubernetes Labs

Kubernetes 2 labs

Explore 2 labs in Kubernetes.

No matching labs found

Try adjusting your language filter.

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.