Kubernetes unprivileged API access

High Nessus Plugin ID 110768

Synopsis

Kubernetes allows unauthenticated command execution via API access if not configured properly.

Description

A remote, unauthenticated attacker is able to leverage API calls to execute commands and scripts or gain shell access via port 10250 (https).

Solution

Only allow localhost connections to the kubelet API, set up a firewall for port 10250, and require authentication.
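As an added illustration of the solution above (not part of the Nessus plugin page), a kubelet configuration fragment showing the weak settings that leave the port 10250 API open to unauthenticated callers, beside the hardened settings; the file path and CA path are assumptions.

```yaml
# Added example, not from the Nessus plugin page. Two KubeletConfiguration
# fragments (kubelet.config.k8s.io/v1beta1). The location of the file
# (e.g. /var/lib/kubelet/config.yaml) and the CA path are assumptions.

# --- WEAK: anonymous callers are accepted and every request is permitted -----
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
authentication:
  anonymous:
    enabled: true        # unauthenticated requests run as system:anonymous
authorization:
  mode: AlwaysAllow      # ...and no request is ever rejected
readOnlyPort: 10255      # additional unauthenticated read-only API port

---
# --- HARDENED: every request must be authenticated and then authorized -------
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
authentication:
  anonymous:
    enabled: false       # reject requests that carry no credentials
  webhook:
    enabled: true        # validate bearer tokens with a TokenReview on the API server
  x509:
    clientCAFile: /etc/kubernetes/pki/ca.crt   # client certs signed by this CA (path assumed)
authorization:
  mode: Webhook          # per-request SubjectAccessReview against the API server
readOnlyPort: 0          # disable the read-only port entirely
```

With anonymous authentication off and Webhook authorization on, an unauthenticated request to port 10250 is answered with 401 instead of being served. The API server still needs to reach 10250 for logs and exec, so restrict the port with a firewall to control-plane addresses rather than relying on a localhost bind alone.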

See Also

http://www.nessus.org/u?dc2664c3

Plugin Details

Severity: High

ID: 110768

File Name: kube_unprivileged_api.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 2018/06/28

Modified: 2018/09/17

Risk Information

Risk Factor: High

CVSS Score Source: manual

CVSS Score Rationale: NVD has no score for this CVE. Tenable Research analyzed the issue and assigned one.

CVSSv2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSSv3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

Vulnerability Publication Date: 2018/06/14