Threat matrix. Each row is the victim, each column the attacker: Server, Agent, Container (same node) and Container (diff node). The score in each cell is the value given in the original sheet.

Victim: Server
- Attacker Server: N/A: There is only one server.
- Attacker Agent: Mitigated: The server has validation in place to prevent it from signing CSRs for SPIFFE IDs that are not registered to a particular agent. Furthermore, there is validation to prevent an operator from erroneously registering the server's SPIFFE ID. Agents always validate the server's SPIFFE ID when connecting to it. Score: 0.11
- Attacker Container (same node): Mitigated: There is validation to prevent an operator from erroneously registering the server's SPIFFE ID. Score: 0.11
- Attacker Container (diff node): Mitigated: There is validation to prevent an operator from erroneously registering the server's SPIFFE ID. Score: 0.11

Victim: Agent
- Attacker Server: NONE: The server has the signing keys and can issue new identities at will. Score: 57.5
- Attacker Agent: Mitigated: The server has validation in place to prevent it from signing CSRs for SPIFFE IDs that are not registered to a particular agent. Furthermore, there is validation to prevent an operator from erroneously registering a SPIFFE ID representing an agent. Score: 0.115
- Attacker Container (same node): ESCAPE: If a container escape and privilege escalation can be performed, it is possible to read the agent's key from memory. Score: 0.63
- Attacker Container (diff node): Mitigated: There is validation to prevent an operator from erroneously registering the agent's SPIFFE ID. Score: 0.115

Victim: Container (same node)
- Attacker Server: NONE: The server has the signing keys and can issue new identities at will. Score: 5.5
- Attacker Agent: NONE: Agent controls the keys and certificates for all containers authorized to run on it. Score: 5.5
- Attacker Container (same node): ESCAPE: If a container escape and privilege escalation can be performed, it is possible to read neighboring container's keys from memory. Score: 0.231
- Attacker Container (diff node): ESCAPE: A container can be authorized to run on multiple nodes. If the container in question is authorized to run on the node with the evil container, then the evil container can obtain a certificate representing the victim container by reading keys from the memory of the local agent. Score: 0.525

Victim: Container (diff node)
- Attacker Server: NONE: The server has the signing keys and can issue new identities at will. Score: 12.5
- Attacker Agent: NONE: A container can be authorized to run on multiple nodes. If the container in question is authorized to run on the node with the evil agent, then the evil agent can obtain a certificate representing the container. Score: 12.5. NOTE: This condition only occurs under certain configurations.
- Attacker Container (same node): ESCAPE: A container can be authorized to run on multiple nodes. If the container in question is authorized to run on the node with the evil container, then the evil container can obtain a certificate representing the victim container by reading keys from the memory of the local agent. Score: 0.525
- Attacker Container (diff node): ESCAPE: A container can be authorized to run on multiple nodes. If the container in question is authorized to run on the node with the evil container, then the evil container can obtain a certificate representing the victim container by reading keys from the memory of the local agent. Score: 0.525
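The "Mitigated" and "NONE" cells above all come down to three checks: the operator cannot register the server's or an agent's SPIFFE ID as a workload, the server signs a CSR only for an ID registered to the agent that is asking, and an agent accepts only the server's SPIFFE ID when it connects. The following Python block is an added example, a simplified model of those rules and not SPIRE's own code; the trust domain `example.org`, the `/spire/server` and `/spire/agent/` path prefixes, and the sample IDs are assumptions constructed for the example. It also shows why the "evil agent" cell in the last row depends on configuration: the attack surface of a compromised agent is exactly the set of workload IDs registered with that agent as parent.

```python
"""Simplified model of the SPIFFE ID registration and signing checks in the
threat matrix. Hypothetical example code, not SPIRE's implementation."""
from dataclasses import dataclass

TRUST_DOMAIN = "example.org"                              # assumed
SERVER_ID = f"spiffe://{TRUST_DOMAIN}/spire/server"       # assumed path
AGENT_PREFIX = f"spiffe://{TRUST_DOMAIN}/spire/agent/"    # assumed path

# Constructed sample identities for the demo and test.
AGENT_A = AGENT_PREFIX + "node-a"
AGENT_B = AGENT_PREFIX + "node-b"
WORKLOAD_ID = f"spiffe://{TRUST_DOMAIN}/payments"


class RegistrationError(ValueError):
    """Raised when an operator tries to register a forbidden entry."""


@dataclass(frozen=True)
class Entry:
    spiffe_id: str   # identity the server may issue
    parent_id: str   # SPIFFE ID of the agent allowed to request it


def is_agent_id(spiffe_id: str) -> bool:
    return spiffe_id.startswith(AGENT_PREFIX)


def register_entry(entries: list, spiffe_id: str, parent_id: str) -> list:
    """Registration-time validation: refuse entries that would let a workload
    impersonate the server or an agent. Returns a new entry list."""
    if spiffe_id == SERVER_ID:
        raise RegistrationError("refusing to register the server's SPIFFE ID")
    if is_agent_id(spiffe_id):
        raise RegistrationError("refusing to register an agent SPIFFE ID as a workload")
    if not is_agent_id(parent_id):
        raise RegistrationError("parent must be an agent SPIFFE ID")
    return entries + [Entry(spiffe_id, parent_id)]


def may_sign(entries: list, requesting_agent: str, requested_id: str) -> bool:
    """CSR-time validation on the server: sign only when the requested ID is
    registered to the agent that submitted the CSR."""
    return any(e.spiffe_id == requested_id and e.parent_id == requesting_agent
               for e in entries)


def ids_obtainable_by(entries: list, agent_id: str) -> list:
    """Every identity an attacker who controls this agent could have signed.
    This is the 'evil agent' surface from the last row of the matrix."""
    return sorted({e.spiffe_id for e in entries if e.parent_id == agent_id})


def agent_accepts_server(presented_id: str) -> bool:
    """Agent-side check when connecting: the peer must be the server."""
    return presented_id == SERVER_ID


def demo() -> dict:
    """Walk through the matrix cells; returns the outcomes for inspection."""
    single = register_entry([], WORKLOAD_ID, AGENT_A)
    # Same workload additionally authorized on node-b (the 'certain
    # configurations' case noted in the matrix).
    multi = register_entry(single, WORKLOAD_ID, AGENT_B)
    return {
        "own_agent_signs": may_sign(single, AGENT_A, WORKLOAD_ID),
        "other_agent_blocked": may_sign(single, AGENT_B, WORKLOAD_ID),
        "other_agent_after_multinode": may_sign(multi, AGENT_B, WORKLOAD_ID),
        "evil_agent_b_surface_single": ids_obtainable_by(single, AGENT_B),
        "evil_agent_b_surface_multi": ids_obtainable_by(multi, AGENT_B),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The model deliberately keeps the server's signing decision independent of anything the agent asserts about itself: the agent's SPIFFE ID is whatever it authenticated as, and the lookup is keyed on that, which is what stops a compromised agent on a different node from obtaining a workload identity it was never registered for.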