Kubernetes info API access

medium Nessus Plugin ID 110767

Synopsis

Kubernetes allows unauthenticated information disclosure via API access on port 10255 if not configured properly.

Description

A remote, unauthenticated attacker is able to access read only API on port 10255 (http) This API gives access to data of varying sensitivity

Solution

Only allow localhost connections, set up firewall and authentication.

See Also

http://www.nessus.org/u?8483f69d

Plugin Details

Severity: Medium

ID: 110767

File Name: kube_info_api.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 6/28/2018

Updated: 4/7/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Nvd has no score for this cve. tenable research analyzed the issue and assigned one.

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 6/14/2018