EKS cluster should not have open CIDR range for public access
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | eks |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
The cluster's Kubernetes API server endpoint is reachable from the public internet and its `publicAccessCidrs` allow-list contains `0.0.0.0/0`, which is the default value whenever `endpointPublicAccess` is enabled without an explicit CIDR list. The endpoint therefore accepts connections from every IPv4 address. The API server still requires IAM-based authentication, so this is not anonymous access, but the open CIDR range removes the network-level control that would otherwise limit which sources can reach the endpoint to probe it, attempt authentication, or exploit a flaw in it.
Impact
Anyone on the internet can connect to the API server and attempt to authenticate. Any leaked or over-permissive credential that maps to cluster access (a copied kubeconfig, an exposed IAM access key for a principal with Kubernetes permissions) becomes usable from anywhere rather than only from the organization's networks, and any unauthenticated vulnerability in the API server or its authentication path is directly exploitable. A successful attack can lead to data exposure, control over workloads, lateral movement into the AWS account through pod IAM roles, or disruption of services, up to full cluster takeover.
Resolution
Do not expose the API endpoint to the whole internet. Preferably disable public endpoint access (`endpointPublicAccess=false`) and enable private endpoint access (`endpointPrivateAccess=true`), reaching the cluster from inside the VPC or over a VPN/Direct Connect. If a public endpoint is genuinely required, keep it enabled but set `publicAccessCidrs` to the specific source ranges that need it (CI runners, office egress addresses), never `0.0.0.0/0`. Enable private endpoint access before turning the public endpoint off; worker nodes otherwise reach the control plane through the public endpoint and would lose connectivity.
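The following is an added example, not code from the original page or from any scanner the page describes. It implements the check above against the JSON that `aws eks describe-cluster` returns, treating the cluster as compliant when the public endpoint is disabled or when every allowed CIDR is narrower than a threshold, and it builds the `aws eks update-cluster-config` command that remediates the finding. The sample cluster JSON, the cluster name `example-cluster`, the allowed range `203.0.113.0/24` and the `MAX_OPEN_PREFIX_LEN` threshold are all constructed for the example.

```python
import ipaddress
import json
import shlex

# Constructed sample of `aws eks describe-cluster` output (not a real cluster):
# public endpoint enabled with the default allow-list of 0.0.0.0/0.
SAMPLE_DESCRIBE_CLUSTER = json.dumps({
    "cluster": {
        "name": "example-cluster",
        "resourcesVpcConfig": {
            "endpointPublicAccess": True,
            "endpointPrivateAccess": False,
            "publicAccessCidrs": ["0.0.0.0/0"],
        },
    }
})

# A prefix this short or shorter is treated as "open". /0 is the documented
# default; the threshold itself is an assumption chosen so that near-open
# ranges such as 0.0.0.0/1 are flagged as well.
MAX_OPEN_PREFIX_LEN = 8


def open_public_cidrs(describe_cluster_json: str) -> list[str]:
    """Return the entries of publicAccessCidrs that expose the endpoint broadly.

    An empty list means the cluster passes: either the public endpoint is
    disabled (the allow-list is then irrelevant) or every CIDR is narrower
    than MAX_OPEN_PREFIX_LEN.
    """
    cluster = json.loads(describe_cluster_json)["cluster"]
    vpc = cluster.get("resourcesVpcConfig", {})
    if not vpc.get("endpointPublicAccess", False):
        return []
    findings = []
    for cidr in vpc.get("publicAccessCidrs", []):
        net = ipaddress.ip_network(cidr, strict=False)  # accepts IPv4 and IPv6
        if net.prefixlen <= MAX_OPEN_PREFIX_LEN:
            findings.append(cidr)
    return findings


def is_compliant(describe_cluster_json: str) -> bool:
    return not open_public_cidrs(describe_cluster_json)


def remediation_command(cluster_name: str, allowed_cidrs: list[str],
                        keep_public: bool = True) -> str:
    """Build the AWS CLI call that fixes the finding.

    keep_public=False turns the public endpoint off so only the private
    (in-VPC) endpoint remains; otherwise the public endpoint stays up but is
    limited to allowed_cidrs. Private access is enabled in both cases so that
    worker nodes keep reaching the API server. The structure is passed as JSON
    rather than CLI shorthand to avoid list-quoting mistakes.
    """
    for cidr in allowed_cidrs:
        ipaddress.ip_network(cidr, strict=False)  # fail early on typos
    if keep_public and not allowed_cidrs:
        raise ValueError("keep_public=True requires at least one allowed CIDR")
    vpc_config = {
        "endpointPublicAccess": keep_public,
        "endpointPrivateAccess": True,
    }
    if keep_public:
        vpc_config["publicAccessCidrs"] = list(allowed_cidrs)
    return (
        f"aws eks update-cluster-config --name {shlex.quote(cluster_name)} "
        f"--resources-vpc-config {shlex.quote(json.dumps(vpc_config))}"
    )


if __name__ == "__main__":
    name = json.loads(SAMPLE_DESCRIBE_CLUSTER)["cluster"]["name"]
    found = open_public_cidrs(SAMPLE_DESCRIBE_CLUSTER)
    if found:
        print(f"FAIL {name}: public endpoint open to {', '.join(found)}")
        print("remediate with:", remediation_command(name, ["203.0.113.0/24"]))
    else:
        print(f"PASS {name}")
```

Run it against live output with `aws eks describe-cluster --name <cluster> --output json` piped into `open_public_cidrs`; a cluster that has never had `publicAccessCidrs` set will show `["0.0.0.0/0"]` and fail. The `update-cluster-config` call is asynchronous, so re-run `describe-cluster` after the update finishes to confirm the new allow-list took effect.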