# Missing allowPrivilegeEscalation Setting

- ID: kubernetes-missing-privilege-escalation-setting
- Severity: MEDIUM
- CWE: CWE-250
- Languages: YAML
- Frameworks: kubernetes

## Description

Detects containers with securityContext that do not explicitly set allowPrivilegeEscalation.

## Detection Message

Container has securityContext but does not explicitly set allowPrivilegeEscalation.

## Remediation

Explicitly disable privilege escalation.

```yaml
securityContext:
  allowPrivilegeEscalation: false
```

Learn more: https://shoulder.dev/learn/kubernetes/cwe-250/missing-privilege-escalation-setting

## Related Rules

- **Container runs as root** [HIGH]
- **Docker User and File Permissions** [HIGH]
- **Privilege Escalation Allowed** [HIGH]
- **Dangerous Linux Capabilities Added** [CRITICAL]
- **Host Namespace Access Enabled** [CRITICAL]
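
The remediation applied to a complete Pod manifest, as an added example that is not part of the rule's own documentation: one container that fits the rule's description next to its corrected form. The pod name, container names, and image are constructed placeholders.

```yaml
# Constructed example manifest; names and image are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: example-app
spec:
  # allowPrivilegeEscalation exists only in the container-level
  # securityContext, so a pod-level securityContext cannot set it for
  # every container at once.
  securityContext:
    runAsNonRoot: true
    runAsUser: 10001

  initContainers:
    # Init containers carry their own securityContext and need the
    # explicit setting as well.
    - name: init-fixed
      image: registry.example.com/app:1.0
      securityContext:
        allowPrivilegeEscalation: false

  containers:
    # Fits the rule's description: securityContext is present but
    # allowPrivilegeEscalation is not set. With the field unset the
    # runtime does not set no_new_privs on the container process, so a
    # setuid binary in the image can still gain privileges.
    - name: flagged
      image: registry.example.com/app:1.0
      securityContext:
        readOnlyRootFilesystem: true

    # Corrected form: the same hardening plus the explicit setting.
    # Kubernetes treats allowPrivilegeEscalation as true whenever the
    # container is privileged or has CAP_SYS_ADMIN, so the setting only
    # holds when neither of those is granted.
    - name: fixed
      image: registry.example.com/app:1.0
      securityContext:
        readOnlyRootFilesystem: true
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
```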