TF 0049 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Ensure AKS cluster has Network Policy configured

| Property | Value |
|---|---|
| Language | terraform |
| Severity | high |
| Service | container |
| Provider | Azure |
| Vulnerability Type | omission |

Description

The `azurerm_kubernetes_cluster` resource does not set `network_policy` in its `network_profile` block. AKS then deploys no network policy engine (Azure Network Policy Manager, Calico or Cilium), so any Kubernetes `NetworkPolicy` objects applied to the cluster are not enforced. Kubernetes itself defaults to allow-all, which means every pod can reach every other pod in every namespace, and there is no way to isolate workloads from one another at the network layer.

Impact

An attacker who compromises a single pod, for example through a vulnerable application container, can connect directly to any other pod in the cluster, including workloads in other namespaces that the compromised service has no business talking to. A single foothold therefore turns into lateral movement, exposure of data held by neighbouring services, and the ability to disrupt services across the entire Kubernetes environment.

Resolution

Set `network_policy` inside the cluster's `network_profile` block to `azure`, `calico` or `cilium`. `azure` (Azure Network Policy Manager) requires `network_plugin = "azure"`; `calico` works with either network plugin; `cilium` additionally requires the Cilium data plane. This installs the enforcement engine only: until `NetworkPolicy` objects exist, pod traffic remains allow-all, so pair the setting with a default-deny policy in each workload namespace and add explicit allow rules for the traffic each service actually needs.
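The following Terraform shows the weak configuration beside the fixed one, plus the default-deny `NetworkPolicy` that makes the engine do something. It is an added example written for this entry, not code from the Symbiotic Vulnerability Database or from any real deployment; the resource group, cluster names, location and the `app` namespace are assumptions chosen for illustration.

```hcl
resource "azurerm_resource_group" "rg" {
  name     = "rg-aks-netpol-example" # assumed name
  location = "westeurope"            # assumed region
}

# VULNERABLE (TF 0049): network_profile has no network_policy, so AKS installs
# no enforcement engine and every pod can talk to every other pod.
resource "azurerm_kubernetes_cluster" "without_policy" {
  name                = "aks-no-netpol" # assumed name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  dns_prefix          = "aksnonetpol"

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2_v2"
  }

  identity {
    type = "SystemAssigned"
  }

  network_profile {
    network_plugin = "azure"
    # network_policy is omitted here: NetworkPolicy objects will be ignored.
  }
}

# FIXED: network_policy selects an enforcement engine. "azure" requires
# network_plugin = "azure"; "calico" works with "azure" or "kubenet".
resource "azurerm_kubernetes_cluster" "with_policy" {
  name                = "aks-netpol" # assumed name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  dns_prefix          = "aksnetpol"

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2_v2"
  }

  identity {
    type = "SystemAssigned"
  }

  network_profile {
    network_plugin = "azure"
    network_policy = "azure"
  }
}

# The engine alone changes nothing: Kubernetes stays allow-all until a
# NetworkPolicy exists. Point the kubernetes provider at the fixed cluster
# and apply a default-deny policy to the (assumed) "app" namespace.
provider "kubernetes" {
  host                   = azurerm_kubernetes_cluster.with_policy.kube_config[0].host
  client_certificate     = base64decode(azurerm_kubernetes_cluster.with_policy.kube_config[0].client_certificate)
  client_key             = base64decode(azurerm_kubernetes_cluster.with_policy.kube_config[0].client_key)
  cluster_ca_certificate = base64decode(azurerm_kubernetes_cluster.with_policy.kube_config[0].cluster_ca_certificate)
}

resource "kubernetes_network_policy" "default_deny" {
  metadata {
    name      = "default-deny-all"
    namespace = "app" # assumed namespace; repeat per workload namespace
  }

  spec {
    # Empty pod_selector matches every pod in the namespace.
    pod_selector {}
    # Listing both types with no ingress/egress rules denies all traffic;
    # add further NetworkPolicy resources to allow what each service needs.
    policy_types = ["Ingress", "Egress"]
  }
}
```

To confirm the setting took effect on a deployed cluster, `az aks show -g <resource-group> -n <cluster-name> --query networkProfile.networkPolicy -o tsv` should print the chosen engine rather than an empty value, and `kubectl get networkpolicy -A` should list at least the default-deny policy in every namespace that runs workloads.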