Network misconfigurations

K8S API server configuration without certificate authority

Description

It was found that the API server configuration parameter '--kubelet-certificate-authority'. Without it, the server does not validate the kubelet serving certificate which make the connection vulnerable to man-in-the-middle attack.