Kube-hunter hunts for security weaknesses in Kubernetes clusters
View the Project on GitHub aquasecurity/kube-hunter
Lookup Vulnerability
KHV021 - Certificate Includes Email Address
Issue description
The Kubernetes API Server advertises a public certificate for TLS. This certificate includes an email address, that may provide additional information for an attacker on your organization, or be abused for further email based attacks.
Remediation
Do not include email address in the Kubernetes API server certificate. (You should continue to use certificates to secure the API Server!)