Kube-hunter hunts for security weaknesses in Kubernetes clusters
View the Project on GitHub aquasecurity/kube-hunter
Lookup Vulnerability
KHV049 - kubectl proxy Exposed
Issue description
An open kubectl proxy was detected. kubectl proxy is a convenient tool to connect from a local machine into an application running in Kubernetes or to the Kubernetes API. This is common practice to browse for example the Kubernetes dashboard. Leaving an open proxy can be exploited by an attacker to gain access into your entire cluster.
Remediation
Expose your applications in a permanent, legitimate way, such as via Ingress.
Close open proxies immediately after use.