kube-hunter/docs/_kb/KHV032.md
2019-10-30 20:38:16 +02:00

| vid | title | categories |
|---|---|---|
| KHV032 | Etcd Remote Read Access Event | Access Risk |

KHV032 - Etcd Remote Read Access Event

Issue description

Etcd (the Kubernetes database) is accessible without authentication. This exposes the entire state of your Kubernetes cluster to anyone who can read from it.

Remediation

Ensure your etcd accepts connections only from the Kubernetes API server, using the `--trusted-ca-file` etcd flag. This is usually done by the installer or the cloud platform.
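One way to check the remediation on a node is to audit the arguments etcd was started with. The script below is an added example, not part of kube-hunter. It assumes etcd is configured through command-line flags (not a config file or environment variables) and checks `--trusted-ca-file` together with `--client-cert-auth`, the flag etcd's documentation pairs with it for client certificate authentication. The function names and sample argument lists are constructed for illustration.

```python
# Added example: audit etcd flags for client certificate auth (samples are constructed).
BOOL_FLAGS = {"client-cert-auth", "auto-tls"}
TRUE_VALUES = {"1", "t", "true"}  # lower-cased forms Go's flag parser accepts

def parse_flags(argv):
    """Parse ['--a=b', '--c', 'd', '--bool'] into {'a': 'b', 'c': 'd', 'bool': 'true'}."""
    flags, i = {}, 0
    while i < len(argv):
        token = argv[i]
        i += 1
        if not token.startswith("-"):
            continue  # binary name or stray positional argument
        name, has_value, value = token.lstrip("-").partition("=")
        if not has_value:
            if name in BOOL_FLAGS:
                value = "true"  # a bare boolean flag means true
            elif i < len(argv):
                value, i = argv[i], i + 1  # value given as the next token
        flags[name] = value
    return flags

def audit_client_auth(argv):
    """Return a list of findings; an empty list means the checks passed."""
    flags = parse_flags(argv)
    findings = []
    if flags.get("client-cert-auth", "false").lower() not in TRUE_VALUES:
        findings.append("--client-cert-auth is not set to true")
    if not flags.get("trusted-ca-file"):
        findings.append("--trusted-ca-file is not set")
    if flags.get("auto-tls", "false").lower() in TRUE_VALUES:
        findings.append("--auto-tls is enabled (auto-generated certificates)")
    # etcd's default client listener is plaintext http://localhost:2379
    for url in flags.get("listen-client-urls", "http://localhost:2379").split(","):
        if url.strip().startswith("http://"):
            findings.append(f"plaintext client listener: {url.strip()}")
    return findings

# Constructed samples: an exposed etcd and a kubeadm-style hardened one.
EXPOSED = ["etcd", "--listen-client-urls=http://0.0.0.0:2379"]
HARDENED = ["etcd", "--client-cert-auth=true",
            "--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt",
            "--cert-file=/etc/kubernetes/pki/etcd/server.crt",
            "--key-file=/etc/kubernetes/pki/etcd/server.key",
            "--listen-client-urls=https://127.0.0.1:2379"]

if __name__ == "__main__":
    for label, argv in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(label, audit_client_auth(argv) or "OK")
```

On a running node, the argument list can be taken from the etcd static pod manifest or from the process command line and passed to `audit_client_auth`.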