TF 0376 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Ensure that the etcd data directory ownership is set to etcd:etcd
Property | Value |
---|---|
Language | |
Severity |
Description
The etcd data directory (/var/lib/etcd) is not owned by the etcd user and group, which allows unauthorized users or processes to access or modify its contents. This misconfiguration undermines the integrity and confidentiality of etcd data.
Impact
If exploited, unauthorized users or processes could read, modify, or delete etcd database files, potentially leading to compromise of sensitive cluster data, disruption of cluster operations, or escalation of privileges within the Kubernetes environment.
Resolution
Change the ownership of the etcd data directory /var/lib/etcd to etcd:etcd.
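
One way to audit and apply this resolution on a node, as an added example that is not part of the original wiki entry. The function names are hypothetical, GNU `stat` is assumed, and the path and owner default to the values the page gives.

```shell
#!/bin/sh
# Added example: audit and fix ownership of the etcd data directory.
# Function names are hypothetical; /var/lib/etcd and etcd:etcd come from the page.
# Assumes GNU stat (coreutils). If etcd runs with a different --data-dir,
# pass that path as the first argument instead of relying on the default.

ETCD_DIR_DEFAULT=/var/lib/etcd
ETCD_OWNER_DEFAULT=etcd:etcd

# check_etcd_dir_owner [DIR] [USER:GROUP]
# Prints the owner it found. Returns 0 on match, 1 on mismatch,
# 2 if DIR is missing or is not a directory.
check_etcd_dir_owner() {
    dir=${1:-$ETCD_DIR_DEFAULT}
    want=${2:-$ETCD_OWNER_DEFAULT}
    if [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a directory" >&2
        return 2
    fi
    have=$(stat -c '%U:%G' "$dir") || return 2
    if [ "$have" = "$want" ]; then
        echo "PASS: $dir is owned by $have"
        return 0
    fi
    echo "FAIL: $dir is owned by $have, expected $want"
    return 1
}

# fix_etcd_dir_owner [DIR] [USER:GROUP]
# Runs chown only when the check fails, then re-checks the result.
# Changes the directory itself (not its contents), as the page states.
# Needs root.
fix_etcd_dir_owner() {
    dir=${1:-$ETCD_DIR_DEFAULT}
    want=${2:-$ETCD_OWNER_DEFAULT}
    check_etcd_dir_owner "$dir" "$want" && return 0
    [ -d "$dir" ] || return 2
    chown "$want" "$dir" || return 1
    check_etcd_dir_owner "$dir" "$want"
}
```

Source the file and call `check_etcd_dir_owner` with no arguments to audit the default path; the distinct return codes let a compliance job tell a wrong owner apart from a missing directory.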