HIGH
Source
Kube Hunter
ID
KHV039

Exposed Exec On Container

An attacker could run arbitrary commands on a container via the kubelet’s /exec endpoint. This endpoint is exposed as part of the kubelet’s debug handlers.

Disable --enable-debugging-handlers kubelet flag.