Old version of vpc-cni installed on EKS cluster

Network misconfigurations

Old version of vpc-cni installed on EKS cluster

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
cis_8
CPRA
EKS CIS
HITRUST
ISO/IEC 27001
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

CNI is a specification and libraries for writing plugins to configure network interfaces in Linux containers. Kubernetes network policies are enforced by the CNI plugin in use. As such it is important to ensure that the CNI plugin supports both Ingress and Egress network policies. Orca has detected that ""vpc-cni"" is in use in {AwsEksCluster}, and is not in up-to-date.

Recommended Mitigation

Update the ""vpc-cni"" addon in {AwsEksCluster} to the latest version.

Old version of vpc-cni installed on EKS cluster

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS