Publicly available application running in risky container allowing escape to privileged node
Set up the kubernetes integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
A critical vulnerability has been discovered in a publicly exposed application running within a high-risk container. If exploited, this vulnerability could lead to a container escape, potentially escalating to privileged access on the associated cloud node. This situation poses a severe security risk as it could lead to granting unauthorized control over your cloud resources.
- Revisit your Kubernetes pod/container configurations. Avoid using containers that run as root and enforce security practices using Kubernetes Pod Security Policies, SELinux, AppArmor, or Seccomp.
- Review and limit the cloud node’s privileged permissions adhering to the principle of least privilege.
- Follow cloud-specific node hardening best practices: keep your OS, Kubernetes platform up-to-date, and discard unnecessary services.