Data protection

K8S API server configuration contains insecure port

Risk Level

Hazardous (3)

  • N/A

Compliance Frameworks


It was found that the API server contains an insecure port. Setting an insecure port allows anyone to connect without an authentication and authorization to the api server.
  • Recommended Mitigation

    It is recommended to verify that '--insecure-port' is set to zero in the configuration file.