Json Yaml Missing Container Securitycontext
Description
Identifies Kubernetes containers that are deployed without a security context configuration, while also lacking a pod-level security context. Security contexts define privilege and access control settings for pods and containers - without them, containers may run with excessive privileges or insufficient security controls.
Detection Strategy
• Examines Kubernetes manifest files for container specifications
• Checks if a security context is defined at the pod level through '.spec.securityContext'
• For each container in the specification, verifies if it has a container-level security context defined through '.spec.containers[].securityContext'
• Reports a vulnerability if a container lacks its own security context configuration AND there is no pod-level security context defined
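A worked implementation of the detection strategy above, written as an added example for this page (it is not Fluid Attacks' scanner code). It parses JSON-form manifests with the standard library, treats a pod-level '.spec.securityContext' as satisfying the rule, and otherwise lists every container that has no 'securityContext' of its own. It goes slightly beyond the rule text: it also looks at 'initContainers' and at pod templates nested inside Deployment-style workloads and CronJobs, which are assumptions noted in the comments. The sample manifests at the bottom are constructed for the example.

```python
"""Flag Kubernetes containers that have no securityContext while the pod
spec also lacks one (the condition the rule reports). Added example."""
import json

# Assumption beyond the rule text: workloads whose pod spec lives under
# .spec.template.spec are unwrapped so the same check applies to them.
TEMPLATE_KINDS = {"Deployment", "StatefulSet", "DaemonSet", "Job", "ReplicaSet"}


def pod_spec(manifest):
    """Return the pod spec of a Pod, a pod-template workload or a CronJob."""
    spec = manifest.get("spec") or {}
    kind = manifest.get("kind")
    if kind == "Pod":
        return spec
    if kind in TEMPLATE_KINDS:
        return (spec.get("template") or {}).get("spec")
    if kind == "CronJob":
        job = (spec.get("jobTemplate") or {}).get("spec") or {}
        return (job.get("template") or {}).get("spec")
    return None  # not a workload carrying containers


def missing_security_context(manifest):
    """Names of containers lacking their own securityContext when the pod
    defines none either. Returns [] when the pod-level context exists."""
    spec = pod_spec(manifest)
    if spec is None:
        return []
    # The rule checks whether .spec.securityContext "is defined"; this
    # example treats mere presence as defined (an assumption; a stricter
    # policy would also require it to be non-empty).
    if "securityContext" in spec:
        return []
    findings = []
    # initContainers is an extension of the rule text, which names
    # .spec.containers[] only.
    for field in ("initContainers", "containers"):
        for container in spec.get(field) or []:
            if "securityContext" not in container:
                findings.append(f"{field}[{container.get('name', '?')}]")
    return findings


def scan_documents(text):
    """Parse one JSON manifest or a JSON list of manifests; map name -> findings."""
    loaded = json.loads(text)
    docs = loaded if isinstance(loaded, list) else [loaded]
    report = {}
    for doc in docs:
        name = (doc.get("metadata") or {}).get("name", "<unnamed>")
        report[name] = missing_security_context(doc)
    return report


# Constructed sample manifests (JSON form of the YAML the rule inspects).
SAMPLE_MANIFESTS = json.dumps([
    {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "vulnerable-pod"},
     "spec": {"containers": [{"name": "app", "image": "example/app:1.0"}]}},
    {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "pod-level-ok"},
     "spec": {"securityContext": {"runAsNonRoot": True},
              "containers": [{"name": "app", "image": "example/app:1.0"}]}},
    {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "mixed"},
     "spec": {"containers": [
         {"name": "hardened", "image": "example/app:1.0",
          "securityContext": {"allowPrivilegeEscalation": False}},
         {"name": "sidecar", "image": "example/sidecar:1.0"}]}},
    {"apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "web"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "web", "image": "example/web:1.0"}]}}}},
])

if __name__ == "__main__":
    for name, findings in scan_documents(SAMPLE_MANIFESTS).items():
        status = "VULNERABLE" if findings else "ok"
        print(f"{name}: {status} {findings}")
```

Only "vulnerable-pod", the "sidecar" container of "mixed", and the Deployment "web" are reported; "pod-level-ok" passes because its pod-level context covers every container, which is exactly the AND condition in the last bullet.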
Vulnerable code example
apiVersion: v1
kind: Pod
metadata:
name: vulnerable-pod
spec:
# Vulnerable: Missing automountServiceAccountToken: false
containers:
- name: vulnerable-container...
✅ Secure code example
apiVersion: v1
kind: Pod
metadata:
name: secure-pod
spec:
# Prevent automatic mounting of service account tokens
automountServiceAccountToken: false
# Pod-level security context...