Lateral movement

K8S API server without node authorization

It was found that the Node authorizer is not enabled in the kube-apiserver configuration file. Node authorization restricts each kubelet to reading only the secrets and volumes belonging to pods scheduled on its own node. Without it, a compromised node can read secrets and volumes that belong to workloads on other nodes, so the environment may be vulnerable to lateral movement from one node to another.
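The following POSIX shell script is an added example, not part of the original finding, showing how an auditor can verify this setting on a control-plane node. It assumes the common kubeadm layout, where kube-apiserver runs as a static pod whose flags appear as `- --flag=value` lines in `/etc/kubernetes/manifests/kube-apiserver.yaml`; the two manifest excerpts below are constructed for the demonstration, one with the weak setting (`--authorization-mode=RBAC`, no `Node`) and one with the corrected setting (`--authorization-mode=Node,RBAC` plus the `NodeRestriction` admission plugin, which is the companion control that stops a kubelet from modifying objects outside its own node).

```shell
#!/bin/sh
# Added example: check whether a kube-apiserver static pod manifest enables the
# Node authorizer and the NodeRestriction admission plugin.
# Assumes kubeadm-style manifests where flags appear as "- --flag=value" lines.

# Print the value of one kube-apiserver flag ($1 = manifest path, $2 = flag name).
# Prints nothing when the flag is absent (kube-apiserver then uses its default).
apiserver_flag_value() {
  grep -o -- "--$2=[^[:space:]\"']*" "$1" | head -n 1 | sed "s/^--$2=//"
}

# Return 0 if a comma-separated flag value ($1) contains the exact item $2.
value_contains() {
  case ",$1," in
    *",$2,"*) return 0 ;;
    *)        return 1 ;;
  esac
}

# Evaluate one manifest. Prints PASS/FAIL lines; returns 0 only when both
# the Node authorizer and the NodeRestriction admission plugin are enabled.
check_node_authorization() {
  modes=$(apiserver_flag_value "$1" authorization-mode)
  plugins=$(apiserver_flag_value "$1" enable-admission-plugins)
  status=0
  if ! value_contains "$modes" Node; then
    echo "FAIL: --authorization-mode=${modes:-<unset>} does not include Node"
    status=1
  fi
  if ! value_contains "$plugins" NodeRestriction; then
    echo "FAIL: --enable-admission-plugins=${plugins:-<unset>} does not include NodeRestriction"
    status=1
  fi
  if [ "$status" -eq 0 ]; then
    echo "PASS: Node authorizer and NodeRestriction admission plugin are enabled"
  fi
  return "$status"
}

# Constructed sample manifests (trimmed to the relevant lines) for offline use.
tmpdir=$(mktemp -d)

cat > "$tmpdir/weak.yaml" <<'EOF'
apiVersion: v1
kind: Pod
metadata:
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-apiserver
    - --authorization-mode=RBAC
    - --enable-admission-plugins=NamespaceLifecycle,ServiceAccount
EOF

cat > "$tmpdir/fixed.yaml" <<'EOF'
apiVersion: v1
kind: Pod
metadata:
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-apiserver
    - --authorization-mode=Node,RBAC
    - --enable-admission-plugins=NamespaceLifecycle,ServiceAccount,NodeRestriction
EOF

# Demonstration run against both manifests. On a real control-plane node,
# point the function at /etc/kubernetes/manifests/kube-apiserver.yaml instead.
echo "== weak manifest =="
check_node_authorization "$tmpdir/weak.yaml" || echo "(finding confirmed, exit status $?)"
echo "== fixed manifest =="
check_node_authorization "$tmpdir/fixed.yaml" || echo "(unexpected, exit status $?)"
```

The check reads the flag values rather than looking for the literal string `Node`, so `--authorization-mode=RBAC` on a line that happens to mention `NodeRestriction` elsewhere is still reported as a failure. An absent `--authorization-mode` flag is reported as `<unset>`, which also fails, since the server's built-in default does not include the Node authorizer.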