Vendor services misconfigurations

Kubernetes API server publicly accessible

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

A publicly accessible Kubernetes API server is exposed to unauthorized access attempts and 0-day exploit attempts from the internet. It was detected that the API server of {AzureAksCluster} is publicly accessible.

Recommended Mitigation

It is recommended to enable private access to the Kubernetes API server so that all communication between your nodes and the API server stays within Azure. You can limit the IP addresses that can access your API server from the internet, or completely disable internet access to the API server.
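
One way to check which of the states above a cluster is in, as an added example that is not part of the original finding or the vendor's detection logic. It assumes cluster records shaped like `az aks list -o json` output, reading `enablePrivateCluster` and `authorizedIpRanges` from `apiServerAccessProfile`; the cluster names and IP ranges are constructed sample data.

```python
import ipaddress

# Constructed sample records, shaped like `az aks list -o json` output.
SAMPLE_CLUSTERS = [
    {"name": "aks-open", "apiServerAccessProfile": None},
    {"name": "aks-split", "apiServerAccessProfile": {
        "enablePrivateCluster": False,
        "authorizedIpRanges": ["0.0.0.0/1", "128.0.0.0/1"]}},
    {"name": "aks-restricted", "apiServerAccessProfile": {
        "enablePrivateCluster": False,
        "authorizedIpRanges": ["203.0.113.0/24", "198.51.100.7/32"]}},
    {"name": "aks-private", "apiServerAccessProfile": {
        "enablePrivateCluster": True, "authorizedIpRanges": None}},
]


def classify(cluster):
    """Return (status, number of IPv4 addresses allowed to reach the API server)."""
    profile = cluster.get("apiServerAccessProfile") or {}
    if profile.get("enablePrivateCluster"):
        return ("private", 0)
    ranges = profile.get("authorizedIpRanges") or []
    if not ranges:
        # No private cluster and no allow-list: reachable from any address.
        return ("public", 2 ** 32)
    nets = [ipaddress.ip_network(r, strict=False) for r in ranges]
    # Merge adjacent/overlapping ranges so that an allow-list such as
    # 0.0.0.0/1 + 128.0.0.0/1 is recognised as covering everything.
    merged = list(ipaddress.collapse_addresses(
        n for n in nets if n.version == 4))
    allowed = sum(n.num_addresses for n in merged)
    if any(n.prefixlen == 0 for n in merged):
        return ("public", allowed)
    return ("restricted", allowed)


def audit(clusters):
    """Names of clusters whose API server is effectively open to the internet."""
    return [c["name"] for c in clusters if classify(c)[0] == "public"]


if __name__ == "__main__":
    for c in SAMPLE_CLUSTERS:
        status, allowed = classify(c)
        print(f"{c['name']:15} {status:10} allowed_addresses={allowed}")
```
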