SYM_CONF_0123 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Insufficient Logging
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-778: Insufficient Logging |
| OWASP | A10:2017 - Insufficient Logging & Monitoring |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The EKS cluster configuration does not enable control plane logging for key components like the Kubernetes API server and audit logs. Without these logs, important actions and access events within the cluster may go unmonitored.
Impact
If control plane logging is disabled, suspicious activity or security incidents in your EKS cluster may go undetected, making it harder to investigate breaches or unauthorized access. This lack of visibility can allow attackers to exploit the cluster without being noticed, increasing the risk to your infrastructure and data.