Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
Kubernetes Engine clusters have client certificate authentication enabled, which can allow users to connect using client certificates. This authentication method is less secure and can expose the cluster to unauthorized access if certificates are compromised.
Impact#
If exploited, attackers with access to a client certificate could gain administrative control over the Kubernetes cluster, potentially leading to data breaches, service disruption, or further compromise of cloud resources.