Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The AKS (Azure Kubernetes Service) cluster is not configured as a private cluster, meaning it is accessible over the public internet. This exposes the Kubernetes API server to unauthorized access.
Impact#
Leaving the AKS cluster public increases the risk of attackers gaining access to cluster management endpoints, potentially allowing them to view, modify, or disrupt workloads. This can lead to data breaches, service disruption, or unauthorized resource usage.