DerScanner
Home / Vulnerability Database / Config files : Improper network isolation
Config files

Config files : Improper network isolation

Classification

OWASP Top 10 2021
A4-Insecure Design
CWE
CWE-250CWE-656CWE-657
CWE/SANS Top 25 2011
CWE-250

Overview

Improper network isolation.

If you use the host network mode for a container, that container’s network stack is not isolated from the Docker host (the container shares the host’s networking namespace), and the container does not get its own IP-address allocated. For instance, if you run a container which binds to port 80 and you use host networking, the container’s application is available on port 80 on the host’s IP address.

References

  1. OWASP Docker Security Cheat Sheet
  2. CWE-250: Execution with Unnecessary Privileges
  3. CWE-657: Violation of Secure Design Principles
LOW

DerScanner Severity Score

Do you want to fix Config files : Improper network isolation in your application?

See also

Config files

Config files : Text4Shell Vulnerability

Config files

Config files : Incorrect directory deletion

Config files

Config files : Code injection