TF 0388 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Tiller Is Deployed
Property | Value |
---|---|
Language | |
Severity | |
Vulnerability Type | misconfiguration |
Description
The deployment includes Helm Tiller, a component from Helm v2 that runs with elevated privileges and exposes an unauthenticated gRPC endpoint, making the cluster management plane vulnerable to remote access and manipulation.
Impact
If exploited, attackers could gain full control over Kubernetes resources by sending commands to Tiller, potentially leading to privilege escalation, unauthorized deployments or deletions, and compromise of the entire cluster.
Resolution
Migrate to Helm v3, which no longer has a Tiller component.
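To check whether a cluster is affected before and after the migration, the following Python audit is an added example (not part of the Symbiotic database entry or the Helm project) that scans the JSON a `kubectl get deployments,services -A -o json` call would return and flags Tiller artifacts. The markers it looks for are the stock Helm v2 install conventions (a `tiller-deploy` Deployment in `kube-system`, an image under `gcr.io/kubernetes-helm/tiller`, and the gRPC service on TCP 44134); those are assumptions about a default install rather than values from the page, and the inventory at the bottom is constructed sample input so the script runs offline.

```python
import json

# Helm v2 conventions for a stock Tiller install (assumed, not taken from the page).
TILLER_DEPLOYMENT_NAME = "tiller-deploy"
TILLER_IMAGE_HINTS = ("kubernetes-helm/tiller", "helm/tiller")
TILLER_GRPC_PORT = 44134


def _containers(deployment):
    """Return the container list of a Deployment object (empty if malformed)."""
    return (deployment.get("spec", {}).get("template", {})
            .get("spec", {}).get("containers", []) or [])


def audit_inventory(inventory):
    """Scan a kubectl `List` (dict or JSON string) and return one finding per Tiller artifact.

    Each finding records kind, namespace, name and the evidence that matched,
    so the output can be dropped straight into a ticket or a CI gate.
    """
    if isinstance(inventory, str):
        inventory = json.loads(inventory)
    findings = []
    for obj in inventory.get("items", []):
        kind = obj.get("kind", "")
        meta = obj.get("metadata", {}) or {}
        name, ns = meta.get("name", ""), meta.get("namespace", "")
        labels = meta.get("labels", {}) or {}
        spec = obj.get("spec", {}) or {}
        evidence = []
        if kind == "Deployment":
            images = [c.get("image", "") for c in _containers(obj)]
            if any(hint in img for img in images for hint in TILLER_IMAGE_HINTS):
                evidence.append("image:" + ",".join(images))
            if name == TILLER_DEPLOYMENT_NAME or labels.get("name") == "tiller":
                evidence.append("name/label")
        elif kind == "Service":
            ports = spec.get("ports", []) or []
            if any(p.get("port") == TILLER_GRPC_PORT for p in ports):
                evidence.append("port:%d" % TILLER_GRPC_PORT)
                # A NodePort/LoadBalancer Service widens reach beyond the cluster network.
                if spec.get("type") in ("NodePort", "LoadBalancer"):
                    evidence.append("exposed-outside-cluster")
        if evidence:
            findings.append({"kind": kind, "namespace": ns, "name": name, "evidence": evidence})
    return findings


def is_affected(inventory):
    """True when the inventory still contains any Tiller deployment or service."""
    return bool(audit_inventory(inventory))


# Constructed sample inventory: a stock Tiller install plus one unrelated workload.
CONSTRUCTED_INVENTORY = json.dumps({
    "kind": "List",
    "items": [
        {"kind": "Deployment",
         "metadata": {"name": "tiller-deploy", "namespace": "kube-system",
                      "labels": {"app": "helm", "name": "tiller"}},
         "spec": {"template": {"spec": {"containers": [
             {"name": "tiller", "image": "gcr.io/kubernetes-helm/tiller:v2.16.12"}]}}}},
        {"kind": "Service",
         "metadata": {"name": "tiller-deploy", "namespace": "kube-system"},
         "spec": {"type": "ClusterIP",
                  "ports": [{"name": "tiller", "port": 44134, "targetPort": "tiller"}]}},
        {"kind": "Deployment",
         "metadata": {"name": "web", "namespace": "default"},
         "spec": {"template": {"spec": {"containers": [
             {"name": "web", "image": "nginx:1.25"}]}}}},
    ],
})

if __name__ == "__main__":
    for finding in audit_inventory(CONSTRUCTED_INVENTORY):
        print("%(kind)s %(namespace)s/%(name)s -> %(evidence)s" % finding)
    print("affected:", is_affected(CONSTRUCTED_INVENTORY))
```

On a live cluster, feed the script the output of `kubectl get deployments,services -A -o json`; an empty result after the Helm v3 migration confirms the Tiller deployment and its service were actually removed, not just left behind alongside the new client.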