github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-21 08:36:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed pods vuln

Browse Source
This commit is contained in:
daniel_sagi
2018-07-17 19:06:03 +03:00
parent 67d05bccf5
commit 185f89d07f
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/modules/hunting/kubelet.py
View File

@@ -16,9 +16,8 @@ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
""" Vulnerabilities """
class ExposedPodsHandler(Vulnerability, Event):
"""An attacker could view sensitive information about pods that are bound to a Node using the /pods endpoint"""
def __init__(self, count):
def __init__(self):
Vulnerability.__init__(self, Kubelet, "Exposed Pods", category=InformationDisclosure)
self.evidence = count
class AnonymousAuthEnabled(Vulnerability, Event):
"""The kubelet is misconfigured, potentially allowing secure access to all requests on the kubelet, without the need to authenticate"""