mirror of
https://github.com/aquasecurity/kube-hunter.git
synced 2026-05-24 01:55:20 +00:00
652 B
652 B
vid, title, categories
| vid | title | categories | |
|---|---|---|---|
| KHV042 | Exposed Attaching To Container |
|
{{ page.vid }} - {{ page.title }}
Issue description
An attacker could attach to a running container via a websocket on the kubelet's /attach endpoint. This endpoint is exposed as part of the kubelet's debug handlers.
Remediation
Disable --enable-debugging-handlers kubelet flag.