C-0019 - Bash/cmd inside container

Bash/cmd inside container



Description of the the issue

Attackers who have permissions to run a cmd/bash script inside a container can use it to execute malicious code. Note, this control is configurable. See bellow the details.

Related resources

CronJob, DaemonSet, Deployment, Job, Pod, ReplicaSet, StatefulSet

What does this control test

Searching the image from pod spec in the vulnerability scan database, if the container has bash/cmd we raise an alert.Needs to add user config


Consider removing cmd/bash from your containers.


This control can be configured using the following parameters. Read CLI/UI documentation about how to change parameters.

Shell executable in container

Kubescape checks if container images have the any of the these shell executables.


Did this page help you?