github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-22 09:04:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d7df38fc95401623751e28d9a7fe502fde525f4c
kube-hunter/docs/_kb/KHV034.md
Owen Rumney e1896f3983 docs: lowercase the severities for AVD (#495) 
Signed-off-by: Owen Rumney <owen@owenrumney.co.uk>
2022-03-25 09:03:43 +00:00

715 B
Raw Blame History

vid, title, categories, severity
vid title categories severity
KHV034 Etcd is accessible using insecure connection (HTTP)
Unauthenticated Access
high

{{ page.vid }} - {{ page.title }}

Issue description

The etcd server (Kubernetes database) port is accessible over plain HTTP, and therefore unencrypted and potentially insecured.

Remediation

Ensure your setup is exposing etcd only on an HTTPS port by using the etcd flags --key-file and --cert-file.

References

Reference in New Issue View Git Blame Copy Permalink