Data protection

K8S API server configuration contains insecure bind address

Risk Level

Hazardous (3)

  • N/A


It was found that the API server contains an insecure bind address. Setting an insecure bind address allows anyone to connect without an authentication and authorization to the master node.
  • Recommended Mitigation

    It is recommended to verify that '--insecure-bind-address' does not exist in the configuration file.