Kube-hunter hunts for security weaknesses in Kubernetes clusters
View the Project on GitHub aquasecurity/kube-hunter
Lookup Vulnerability
KHV007 - Specific Access to Kubernetes API
Issue description
kube-hunter was able to perform the action specified by the reported vulnerability (check the report for more information). This may or may not be a problem, depending on your cluster setup and preferences.
Remediation
Review the RBAC permissions to Kubernetes API server for the anonymous and default service account.