Insecure service configuration - Docker
Description
The ADD instruction automatically extracts archive files into the destination directory. This introduces the risk that archive-based vulnerabilities such as zip bombs and Zip Slip are triggered automatically during the build.
Impact
Expose the system to zip-based vulnerabilities
Recommendation
Avoid the use of the ADD command unless you need to extract a local tar file. Instead, use the COPY command.
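One way to check a Dockerfile against this recommendation is sketched below. It is an added example, not code from this page or its scanner. The finding labels (`auto-extract`, `remote-source`, `use-copy`), the function names and the sample Dockerfile are assumptions made for illustration, and the tar-suffix test is only a heuristic because Docker identifies archives by content rather than by name.

```python
import json
import re
import shlex

# Heuristic (assumption): Docker decides by file content; the name is only a hint.
TAR_SUFFIXES = (".tar", ".tar.gz", ".tgz", ".tar.bz2", ".tbz2", ".tar.xz", ".txz")
# Constructed sample Dockerfile, not taken from any real project.
SAMPLE = """\
FROM alpine:3.19
# build inputs
ADD vendor/upload.tar.gz /opt/app/
ADD --chown=app:app config.yml \\
    /etc/app/
ADD ["https://example.com/tool.bin", "/usr/local/bin/tool"]
COPY src/ /opt/app/src/
"""

def logical_lines(text):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments may appear inside a continuation
        start = start or no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None

def add_sources(args):
    """Source operands of one ADD instruction, shell or JSON-array form."""
    args = re.sub(r"^(--\S+\s+)+", "", args.strip())  # drop flags such as --chown=
    parts = json.loads(args) if args.startswith("[") else shlex.split(args)
    return parts[:-1]  # the last operand is the destination

def classify(src):
    if re.match(r"https?://", src, re.IGNORECASE):
        return "remote-source"  # fetched at build time, COPY cannot replace it
    return "auto-extract" if src.lower().endswith(TAR_SUFFIXES) else "use-copy"

def audit(text):
    findings = []  # (line_no, finding, source) for every source of every ADD
    for no, instr in logical_lines(text):
        m = re.match(r"ADD\s+(.*)", instr, re.IGNORECASE)
        if m:
            findings += [(no, classify(s), s) for s in add_sources(m.group(1))]
    return findings
```

An `auto-extract` finding is the case that needs review: confirm the archive is a trusted local tar file before keeping ADD. A `use-copy` finding can be switched to COPY without changing the resulting image.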
Threat
Authenticated local attacker with access to the container
Expected Remediation Time
⏱️ 20 minutes.
Requirements
266 - Disable insecure functionalities
Rules
Docker Copy Entire Context
Docker Add Allows Zip Slip
Docker Insecure Cleartext Protocol
Docker Insecure Builder Sandbox Flag
Docker Run With Network Host
Docker Obsolete Tls Protocol Usage
Docker Socket Mount Dangerous
Docker Sha1 Checksum Verification
Fixes