Detections
Analytics

Ensure the use of externalIPs is restricted for Kubernetes service

MEDIUM

Description

Use of externalIPs acts as an attack vector for exploiting CVE-2020-8554.

Remediation

There is no patch for this issue. Therefore, it is recommended not to use externalIPs argument in Kubernetes service configuration.

Policy Details

Rule Reference ID: AC_K8S_0112
CSP: Kubernetes
Remediation Available: No
Domain: Infrastructure Security
Resource: kubernetes_service
Resource Category: Management
Resource Type: Service

Frameworks