Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Kubernetes Engine cluster is configured with monitoring disabled. Without monitoring enabled, cluster activity and health metrics are not collected or visible.
Impact#
Disabling monitoring makes it harder to detect security incidents, operational issues, or unauthorized changes in your clusters. Attackers or misconfigurations could go unnoticed, increasing the risk of breaches or downtime.