Logo

Kube-hunter hunts for security weaknesses in Kubernetes clusters

View the Project on GitHub aquasecurity/kube-hunter

Lookup Vulnerability
All vulnerabilies

KHV021 - Certificate Includes Email Address

Issue description

The Kubernetes API Server advertises a public certificate for TLS. This certificate includes an email address, that may provide additional information for an attacker on your organization, or be abused for further email based attacks.

Remediation

Do not include email address in the Kubernetes API server certificate. (You should continue to use certificates to secure the API Server!)