Improper Access Control
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The cluster configuration allows the use of legacy Compute Engine instance metadata APIs, which can expose sensitive metadata to workloads running in the cluster. This setting can enable unauthorized access to cluster or cloud resources.
Impact
If exploited, attackers may retrieve sensitive information such as service account tokens or configuration details from the metadata server, potentially allowing privilege escalation or unauthorized actions within your GCP environment.
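One way to audit for the setting described above, as an added example that is not part of this rule's own implementation: it reads a cluster description in the JSON shape returned by `gcloud container clusters describe --format=json` and lists node pools whose node metadata does not set `disable-legacy-endpoints` to `"true"`. The sample cluster and pool names are constructed, and treating a missing key as a finding is a conservative assumption.

```python
import json

# Node metadata key that turns off the legacy metadata server endpoints.
LEGACY_KEY = "disable-legacy-endpoints"

# Constructed sample, shaped like `gcloud container clusters describe --format=json`.
SAMPLE_CLUSTER = json.loads("""
{
  "name": "example-cluster",
  "nodePools": [
    {"name": "default-pool",
     "config": {"metadata": {"disable-legacy-endpoints": "true"}}},
    {"name": "batch-pool",
     "config": {"metadata": {"disable-legacy-endpoints": "false"}}},
    {"name": "old-pool", "config": {}}
  ]
}
""")


def legacy_endpoints_disabled(node_config):
    """True only if the node config explicitly disables the legacy endpoints."""
    metadata = (node_config or {}).get("metadata") or {}
    return str(metadata.get(LEGACY_KEY, "")).strip().lower() == "true"


def pools_with_legacy_metadata(cluster):
    """Return names of node pools that still allow the legacy metadata APIs.

    Assumption: a pool with no explicit key is reported, so that pools created
    before the key existed are not silently passed.
    """
    findings = []
    for pool in cluster.get("nodePools") or []:
        if not legacy_endpoints_disabled(pool.get("config")):
            findings.append(pool.get("name", "<unnamed>"))
    return findings


if __name__ == "__main__":
    for name in pools_with_legacy_metadata(SAMPLE_CLUSTER):
        print(f"{SAMPLE_CLUSTER['name']}/{name}: legacy metadata endpoints not disabled")
```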