Kube-hunter hunts for security weaknesses in Kubernetes clusters

View the Project on GitHub aquasecurity/kube-hunter

Lookup Vulnerability
All vulnerabilies

KHV034 - Etcd is accessible using insecure connection (HTTP)

Issue description

The etcd server (Kubernetes database) port is accessible over plain HTTP, and therefore unencrypted and potentially insecured.


Ensure your setup is exposing etcd only on an HTTPS port by using the etcd flags --key-file and --cert-file.