Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
Integrity Monitoring is disabled for Shielded GKE nodes in your Google Kubernetes Engine (GKE) cluster configuration. This means the system won’t detect or alert on unauthorized changes to node boot or runtime state, reducing protection against tampering.
Impact#
If an attacker compromises a node, malicious changes could go undetected, making it harder to spot or respond to security breaches. This weakens the cluster’s defenses and may allow attackers to maintain persistence or escalate privileges without detection.