github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-24 01:55:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bf7023d01c08086ec5cf2a836da3b451b4fcd2b2
kube-hunter/docs/_kb/KHV031.md
Itay Shakury 8cc90db8f5 add kb index (#252)
2019-10-30 20:38:16 +02:00

761 B
Raw Blame History

vid, title, categories
vid title categories
KHV031 Etcd Remote Write Access Event
Remote Code Execution

{{ page.vid }} - {{ page.title }}

Issue description

Etcd (Kubernetes' Database) is writable without authentication. This gives full control of your Kubernetes cluster to an attacker with access to etcd.

Remediation

Ensure your etcd is accepting connections only from the Kubernetes API, using the --trusted-ca-file etcd flag. This is usually done by the installer, or cloud platform.

References

Reference in New Issue View Git Blame Copy Permalink