Kube-hunter hunts for security weaknesses in Kubernetes clusters
View the Project on GitHub aquasecurity/kube-hunter
Lookup Vulnerability
KHV043 - Cluster Health Disclosure
Issue description
The kubelet is leaking it’s health information, which may contain sensitive information, via the /healthz endpoint. This endpoint is exposed as part of the kubelet’s debug handlers.
Remediation
Disable --enable-debugging-handlers kubelet flag.