Aqua Vulnerability Database

    Get Demo

    Vulnerabilities
    Misconfiguration
    Runtime Security
    Compliance

    Kubernetes

    Access to Kubernetes API

    Anonymous Authentication

    Arbitrary Access To Cluster Scoped Resources

    AWS Metadata Exposure

    Azure Metadata Exposure

    Azure SPN Exposure

    Certificate Includes Email Address

    Cluster Health Disclosure

    Critical Privilege Escalation CVE

    Dashboard Exposed

    Denial of Service to Kubernetes API Server

    Etcd is accessible using insecure connection (HTTP)

    Etcd Remote Read Access Event

    Etcd Remote version disclosure

    Etcd Remote Write Access Event

    Exposed Attaching To Container

    Exposed Container Logs

    Exposed Exec On Container

    Exposed Existing Privileged Containers Via Secure Kubelet Port

    Exposed Kubelet Cmdline

    Exposed Pods

    Exposed Port Forward

    Exposed Run Inside Container

    Exposed Running Pods

    Exposed System Logs

    General

    Insecure (HTTP) access to Kubernetes API

    kubectl proxy Exposed

    Kubectl Vulnerable To CVE-2019-1002101

    Kubectl Vulnerable To CVE-2019-11246

    Kubernetes version disclosure

    Network

    Pod With Mount To /var/log

    Possible Arp Spoof

    Possible DNS Spoof

    Possible Ping Flood Attack

    Possible Reset Flood Attack

    Privileged Container

    Read access to Pod service account token

    Specific Access to Kubernetes API

    Aqua Container Security
    Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
    Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use