kube-hunter/docs/_kb/KHV032.md

vid: KHV032
title: Etcd Remote Read Access Event
categories: Access Risk
severity: CRITICAL

{{ page.vid }} - {{ page.title }}

Issue description

Etcd (Kubernetes' database) is accessible without authentication. This exposes the entire state of your Kubernetes cluster to anyone who can read from it.

Remediation

Ensure your etcd accepts connections only from the Kubernetes API, using the --trusted-ca-file etcd flag. This is usually done by the installer or the cloud platform.
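One way to check the remediation on a control-plane node is to audit the flags etcd was started with. The script below is an added example, not kube-hunter's or etcd's own code. It assumes flags are written as --name=value (as in a static pod manifest), and it also checks the etcd flags --listen-client-urls and --client-cert-auth, which this page does not mention; the sample command lines, paths and addresses are constructed.

```python
# Added example: audit etcd client-facing flags against the remediation above.

def parse_flags(argv):
    """Map '--name=value' tokens to {name: value}; a bare '--name' becomes 'true'."""
    flags = {}
    for arg in argv:
        if arg.startswith("--"):
            name, sep, value = arg[2:].partition("=")
            flags[name] = value if sep else "true"
    return flags


def audit_etcd_flags(argv):
    """Return a list of findings; an empty list means the flags match the remediation."""
    flags = parse_flags(argv)
    findings = []
    # etcd listens on http://localhost:2379 when --listen-client-urls is not given.
    urls = flags.get("listen-client-urls", "http://localhost:2379")
    for url in (u.strip() for u in urls.split(",")):
        if url.startswith("http://"):
            findings.append(f"plaintext client listener: {url}")
    if not flags.get("trusted-ca-file"):
        findings.append("--trusted-ca-file not set: no CA to verify client certificates")
    # Policy choice of this example: require the documented pairing to be explicit.
    if flags.get("client-cert-auth", "false").lower() != "true":
        findings.append("--client-cert-auth is not set to true")
    return findings


# Constructed sample command lines (paths and addresses are placeholders).
EXPOSED = ["etcd", "--listen-client-urls=http://0.0.0.0:2379"]
HARDENED = [
    "etcd",
    "--listen-client-urls=https://127.0.0.1:2379,https://10.0.0.5:2379",
    "--cert-file=/etc/kubernetes/pki/etcd/server.crt",
    "--key-file=/etc/kubernetes/pki/etcd/server.key",
    "--client-cert-auth=true",
    "--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt",
]

if __name__ == "__main__":
    for name, argv in (("exposed", EXPOSED), ("hardened", HARDENED)):
        findings = audit_etcd_flags(argv)
        print(f"{name}: {'ok' if not findings else '; '.join(findings)}")
```

On a running node the argument list can be taken from the etcd process or from the command section of its pod manifest.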

References