# SYM_CONF_0112 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

## Improper Access Control

| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
## Description

The AKS (Azure Kubernetes Service) cluster is not configured as a private cluster, so its Kubernetes API server endpoint is reachable from the public internet. This exposes the API server to unauthorized access.
## Impact

Leaving the AKS cluster public increases the risk of attackers gaining access to cluster management endpoints, potentially allowing them to view, modify, or disrupt workloads. This can lead to data breaches, service disruption, or unauthorized resource usage.
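As an added check (example code, not part of the Symbiotic database or its tooling), the following Python reads the JSON that `az aks show -o json` returns and raises this finding when `apiServerAccessProfile.enablePrivateCluster` is not true, also reporting whether API-server authorized IP ranges narrow the exposure. The three cluster documents are constructed samples; the camelCase field names are assumed from the Azure CLI's output shape.

```python
"""Check `az aks show` output for a public AKS API server (SYM_CONF_0112)."""
import json

# Constructed samples shaped like `az aks show -o json` output; only the keys this
# check reads are kept. Names, FQDNs and the CIDR below are made up.
SAMPLE_PUBLIC = json.dumps({
    "name": "aks-public-example",
    # A default cluster has no explicit access profile; the CLI shows it as null.
    "apiServerAccessProfile": None,
    "fqdn": "aks-public-example-abc123.hcp.eastus.azmk8s.io",
})
SAMPLE_PUBLIC_RESTRICTED = json.dumps({
    "name": "aks-restricted-example",
    "apiServerAccessProfile": {
        "enablePrivateCluster": False,
        "authorizedIpRanges": ["203.0.113.0/24"],
    },
    "fqdn": "aks-restricted-example-ghi789.hcp.eastus.azmk8s.io",
})
SAMPLE_PRIVATE = json.dumps({
    "name": "aks-private-example",
    "apiServerAccessProfile": {
        "enablePrivateCluster": True,
        "authorizedIpRanges": None,
    },
    "privateFqdn": "aks-private-example-def456.privatelink.eastus.azmk8s.io",
})

def assess(cluster_json: str) -> dict:
    """Return name, private flag, authorized ranges and the finding (None if private)."""
    cluster = json.loads(cluster_json)
    # A null or missing profile means Azure defaults: public endpoint, no IP restriction.
    profile = cluster.get("apiServerAccessProfile") or {}
    private = bool(profile.get("enablePrivateCluster"))
    ranges = profile.get("authorizedIpRanges") or []
    if private:
        finding = None
    elif ranges:
        # Authorized IP ranges narrow who can reach the endpoint, but it stays public.
        finding = f"SYM_CONF_0112: public API server, restricted to {len(ranges)} IP range(s)"
    else:
        finding = "SYM_CONF_0112: public API server reachable from any address"
    return {"name": cluster.get("name"), "private": private,
            "authorized_ip_ranges": ranges, "finding": finding}

if __name__ == "__main__":
    for doc in (SAMPLE_PUBLIC, SAMPLE_PUBLIC_RESTRICTED, SAMPLE_PRIVATE):
        result = assess(doc)
        print(f"{result['name']}: {result['finding'] or 'OK (private cluster)'}")
```

Remediation is to create the cluster with `az aks create --enable-private-cluster` (or `private_cluster_enabled = true` on Terraform's `azurerm_kubernetes_cluster`), so the API server is served only on the private FQDN.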