kubernetes-dashboard is accesible without authorization or authentication with NodePort
Bug #1719548 reported by
Spyros Trigazis
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Magnum |
New
|
Undecided
|
Unassigned |
Bug Description
Opening the dashboard with no basic auth, and no tls enabled we introduce a major vulnerability to the clusters to attackers.
Action:
Allow access only via kube-proxy, recommended in the kubernetes-
summary: |
- kubernetes-dashboard is accesible without authorixation or + kubernetes-dashboard is accesible without authorization or authentication with NodePort |
To post a comment you must log in.