Attackers who have permissions to run a cmd/bash script inside a container can use it to execute malicious code. Note, this control is configurable. See below the details.
CronJob, DaemonSet, Deployment, Job, Pod, ReplicaSet, StatefulSet
Searching the image from pod spec in the vulnerability scan database, if the container has bash/cmd we raise an alert.Needs to add user config
Consider removing cmd/bash from your containers.
This control can be configured using the following parameters. Read CLI/UI documentation about how to change parameters.
Kubescape checks if container images have the any of the these shell executables.
Updated about 2 months ago