Kubernetes >

Arbitrary Access To Cluster Scoped Resources

HIGH

Source

Kube Hunter

KHV026

kubernetes

Arbitrary Access To Cluster Scoped Resources

Cluster is found to be vulnerable to CVE-2019-11247. Please see the Vulnerability description for additional information.

Recommended Actions

Please see the Vulnerability description for remediation.

Links

CVE-2019-11247: API server allows access to custom resources via wrong scope
CVE-2019-11247

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.