Vulnerabilities
Misconfiguration
Runtime Security
Compliance

Kubernetes

Access to Kubernetes API

Anonymous Authentication

Arbitrary Access To Cluster Scoped Resources

AWS Metadata Exposure

Azure Metadata Exposure

Azure SPN Exposure

Certificate Includes Email Address

Cluster Health Disclosure

Critical Privilege Escalation CVE

Dashboard Exposed

Denial of Service to Kubernetes API Server

Etcd is accessible using insecure connection (HTTP)

Etcd Remote Read Access Event

Etcd Remote version disclosure

Etcd Remote Write Access Event

Exposed Attaching To Container

Exposed Container Logs

Exposed Exec On Container

Exposed Existing Privileged Containers Via Secure Kubelet Port

Exposed Kubelet Cmdline

Exposed Pods

Exposed Port Forward

Exposed Run Inside Container

Exposed Running Pods

Exposed System Logs

General

Insecure (HTTP) access to Kubernetes API

kubectl proxy Exposed

Kubectl Vulnerable To CVE-2019-1002101

Kubectl Vulnerable To CVE-2019-11246

Kubernetes version disclosure

Network

Pod With Mount To /var/log

Possible Arp Spoof

Possible DNS Spoof

Possible Ping Flood Attack

Possible Reset Flood Attack

Privileged Container

Read access to Pod service account token

Specific Access to Kubernetes API
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use