267 – Excessive Privileges - Kubernetes
Description
Kubernetes default configuration is overly permissive, allowing users to escalate privileges or execute commands as privileged users.
Impact
Gain total control over one or more PoDs.
Recommendation
Set strict security policy disabling potentially harmful actions and restricting the user permissions.
Threat
Authenticated attacker with local access to PoD or container.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: L
- Attack complexity: L
- Attack Requirements: N
- Privileges required: L
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): L
- Availability (VA): L
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: U