Kubernetes Controller Manager --profiling argument is not set to false

Best practices

Kubernetes Controller Manager –profiling argument is not set to false

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
ISO/IEC 27001
K8s CIS
Mitre ATT&CK v12
NIST 800-190
NIST 800-53
UK Cyber Essentials

Description

It was found that the argument --profiling in the Controller Manager configuration file is not set to False. Profiling is used to identify performance bottlenecks. When enabled, the feature can be exploited by a malicious actor to uncover system and program details.

Recommended Mitigation

It is recommended to edit the Controller Manager configuration file on the master node and set the parameter ""False"" to the --profiling argument.

Kubernetes Controller Manager –profiling argument is not set to false

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS