
I have a simple Angular application and I deployed it on an Nginx server in a POD on a Kubernetes environment. I realised that I am now able to access the /etc/passwd file on the POD, without even having to log in to the POD. Since this is the /etc/passwd file for a POD, should I be concerned?

A sample command that I tried is

curl http://test_k8s_route/\?../../../../../../../../../../../etc/passwd

2 Answers

You should be very concerned. Your application is not secure at all and should be taken offline right now.

Why?

That's a local file read vulnerability. An attacker can use this to read any file on your pod. And this is not something you want.

ThoriumBR

This is a serious security issue for your application and (depending on the configuration of the Kubernetes cluster it's deployed to) could also cause security issues for the whole cluster.

By default pods will get a service account token mounted into them which may provide access to the Kubernetes API. If that token is granted any rights, an attacker would be able to access it using the vulnerability you've got and then use it to attack the whole cluster.

Also if your pod mounts in any paths from the underlying node, this vulnerability would allow for access to them.

Also if your pod has secrets mounted into it for access to other systems like databases, an attacker could use this issue to access that information.

Rory McCune
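An added example, not part of either answer: a small Python audit that takes a pod manifest in JSON form and lists the three exposures the second answer names (service account token, node paths mounted into the pod, mounted secrets), then re-audits a copy with the token automount switched off and the hostPath volume dropped. The manifest, its names and the helper functions are constructed for illustration; the token check reads only the pod spec and assumes the service account itself does not disable automounting.

```python
import copy
import json

# Constructed sample manifest (JSON form, as `kubectl get pod -o json` emits); names are made up.
SAMPLE_POD = json.loads("""
{"metadata": {"name": "angular-nginx"},
 "spec": {
   "containers": [{"name": "nginx", "volumeMounts": [
       {"name": "node-logs", "mountPath": "/host/logs"},
       {"name": "db-creds", "mountPath": "/etc/db"}]}],
   "volumes": [
       {"name": "node-logs", "hostPath": {"path": "/var/log"}},
       {"name": "db-creds", "secret": {"secretName": "db-credentials"}}]}}
""")

def audit_pod(pod):
    """Return (kind, detail) findings for data a file-read bug in this pod could reach."""
    spec = pod.get("spec", {})
    volumes = {v["name"]: v for v in spec.get("volumes", [])}
    findings = []
    # Unset falls back to the service account's setting, which mounts the token by default.
    if spec.get("automountServiceAccountToken") is not False:
        findings.append(("service-account-token", "automount not disabled in pod spec"))
    for ctr in spec.get("containers", []):
        for mount in ctr.get("volumeMounts", []):
            vol = volumes.get(mount["name"], {})
            where = f'{ctr["name"]}:{mount["mountPath"]}'
            if "hostPath" in vol:
                findings.append(("host-path", f'{where} <- node {vol["hostPath"]["path"]}'))
            if "secret" in vol:
                findings.append(("secret", f'{where} <- {vol["secret"]["secretName"]}'))
            for src in vol.get("projected", {}).get("sources", []):
                if "serviceAccountToken" in src:  # token projected explicitly
                    findings.append(("service-account-token", f"{where} (projected)"))
    return findings

def reduced_exposure(pod):
    """Copy of the manifest with token automount off and hostPath volumes dropped."""
    pod = copy.deepcopy(pod)
    spec = pod["spec"]
    spec["automountServiceAccountToken"] = False
    dropped = {v["name"] for v in spec.get("volumes", []) if "hostPath" in v}
    spec["volumes"] = [v for v in spec.get("volumes", []) if v["name"] not in dropped]
    for ctr in spec.get("containers", []):
        ctr["volumeMounts"] = [m for m in ctr.get("volumeMounts", []) if m["name"] not in dropped]
    return pod

if __name__ == "__main__":
    print(audit_pod(SAMPLE_POD), audit_pod(reduced_exposure(SAMPLE_POD)))
```

The secret mount remains in the reduced manifest because the application presumably needs it, which is why the file-read flaw itself still has to be fixed.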