Detections
Analytics

Kubernetes unprivileged API access

high Nessus Plugin ID 110768

Language:

Synopsis

Kubernetes allows unauthenticated command execution via API access if not configured properly.

Description

A remote, unauthenticated attacker is able to leverage API calls to execute commands and scripts or gain shell access via port 10250 (https)

Solution

Only allow localhost connections, set up firewall and authentication.

See Also

http://www.nessus.org/u?8483f69d

Plugin Details

Severity: High

ID: 110768

File Name: kube_unprivileged_api.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 6/28/2018

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Nvd has no score for this cve. tenable research analyzed the issue and assigned one.

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

Vulnerability Publication Date: 6/14/2018