🚀 Join our AI Wargame at Black Hat Asia and our Workshop + Wargame at NDC Sydney .

Unnecessary Privilege

Unnecessary privilege happens when the process runs under a high privilege account. In the case of a container running with high privilege account, it can lead to container escapes, privilege escalation, and other security concerns.

Remediation

  • Make sure the system run with lowest possible privilege.
  • Remove the 'privileged' option.

Metadata

  • Severity: medium
  • Slug: unnecessary-privilege

CWEs

  • 250: Execution with Unnecessary Privileges

OWASP

  • A05:2021: Security Misconfiguration

Available Labs

Open Container labs in SecDim Play for this vulnerability.

Try it yourself

Find, Hack and Fix Your First Vulnerability

Reading about security bugs is one thing — fixing one is how the skill sticks. Play a free challenge from the wargame, no setup required.