Logo

Kube-hunter hunts for security weaknesses in Kubernetes clusters

View the Project on GitHub aquasecurity/kube-hunter

Lookup Vulnerability
All vulnerabilies

KHV007 - Specific Access to Kubernetes API

Issue description

kube-hunter was able to perform the action specified by the reported vulnerability (check the report for more information). This may or may not be a problem, depending on your cluster setup and preferences.

Remediation

Review the RBAC permissions to Kubernetes API server for the anonymous and default service account.

References