TF 0389 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Ensure AKS has an API Server Authorized IP Ranges enabled

| Property | Value |
|---|---|
| Language | terraform |
| Severity | critical |
| Service | container |
| Provider | Azure |
| Vulnerability Type | omission |

Description

The AKS cluster's API server is accessible from any IP address because no authorized IP ranges are configured, leaving the management endpoint exposed to the public internet.

Impact

Without restricted IP ranges, malicious actors can attempt to access and compromise the Kubernetes API server, potentially gaining control over the cluster, exposing sensitive workloads, and disrupting services.

Resolution

Restrict access to the API server to a limited set of authorized IP ranges.