SYM_CONF_0120 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Exposure of Sensitive Information to an Unauthorized Actor
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The EKS cluster configuration leaves the Kubernetes API endpoint publicly accessible because `endpoint_public_access` is not set to `false` in the `vpc_config` block (the provider default is `true`). As a result, the cluster's control plane is reachable from the internet.
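The flagged pattern beside its corrected form, as an added Terraform example that is not part of this database entry; the resource names and the `aws_iam_role.eks_cluster` / `aws_subnet.private` references are assumptions for illustration:

```hcl
# Added example, not from the Symbiotic database entry. Resource names, the
# IAM role and the subnet references (aws_iam_role.eks_cluster,
# aws_subnet.private) are assumptions for illustration.

# Flagged by SYM_CONF_0120: endpoint_public_access is not set, so it takes the
# provider default of true and the control plane is reachable from the internet.
resource "aws_eks_cluster" "public_endpoint" {
  name     = "example-public"
  role_arn = aws_iam_role.eks_cluster.arn

  vpc_config {
    subnet_ids = aws_subnet.private[*].id
    # endpoint_public_access defaults to true, endpoint_private_access to false
  }
}

# Corrected: disable the public endpoint and enable the private one so that
# nodes, kubectl clients and CI runners inside the VPC can still reach the API.
resource "aws_eks_cluster" "private_endpoint" {
  name     = "example-private"
  role_arn = aws_iam_role.eks_cluster.arn

  vpc_config {
    subnet_ids              = aws_subnet.private[*].id
    endpoint_public_access  = false
    endpoint_private_access = true
  }
}
```

Switching the public endpoint off without enabling the private one leaves the API unreachable from inside the VPC as well, so the two settings should be changed together. Where a public endpoint cannot be avoided, `public_access_cidrs` restricts it to named source ranges, but only `endpoint_public_access = false` clears this finding.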
Impact
Leaving the public endpoint enabled exposes the Kubernetes API to unauthorized access, increasing the risk of attacks such as data exposure, cluster takeover, or service disruption. Attackers could attempt to exploit vulnerabilities or brute-force credentials, potentially compromising the entire cluster.