Data protection

K8S API server configuration contains insecure bind address

Risk Level

Hazardous (3)

Platform(s)

  • N/A

Compliance Frameworks

Description

It was found that the API server contains an insecure bind address. Setting an insecure bind address allows anyone to connect without an authentication and authorization to the master node.

  • Recommended Mitigation

    It is recommended to verify that '--insecure-bind-address' does not exist in the configuration file.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.