Kubernetes info API access

Medium Nessus Plugin ID 110767

Synopsis

Kubernetes allows unauthenticated information disclosure via API access on port 10255 if not configured properly.

Description

A remote, unauthenticated attacker is able to access read only API on port 10255 (http) This API gives access to data of varying sensitivity

Solution

Only allow localhost connections, set up firewall and authentication.

See Also

http://www.nessus.org/u?8483f69d

Plugin Details

Severity: Medium

ID: 110767

File Name: kube_info_api.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 2018/06/28

Modified: 2018/11/15

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Nvd has no score for this cve. tenable research analyzed the issue and assigned one.

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 2018/06/14