Kubernetes info API access

Medium Nessus Plugin ID 110767

Synopsis

Kubernetes allows unauthenticated information disclosure via API access on port 10255 if not configured properly.

Description

A remote, unauthenticated attacker is able to access read only API on port 10255 (http) This API gives access to data of varying sensitivity

Solution

Only allow localhost connections, set up firewall and authentication.

See Also

http://www.nessus.org/u?dc2664c3

Plugin Details

Severity: Medium

ID: 110767

File Name: kube_info_api.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 2018/06/28

Modified: 2018/09/17

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Nvd has no score for this cve. tenable research analyzed the issue and assigned one.

CVSSv2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSSv3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 2018/06/14