Legacy client authentication methods utilized.
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | gke |
| Provider | |
| Vulnerability Type | misconfiguration |
Description
The cluster is configured to allow legacy authentication methods, such as basic username/password or client certificate authentication, rather than stronger mechanisms like service accounts or OAuth. These static credentials are harder to manage and rotate, which increases the risk of unauthorized access.
Impact
Exploiting this vulnerability could allow attackers to gain administrative access to the Kubernetes cluster's master node using compromised or easily guessed credentials, potentially leading to full cluster takeover, data breaches, or disruption of critical workloads.
Resolution
Use service accounts or OAuth for authentication instead of the legacy methods.
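As an added example (not part of this entry), the following audit flags clusters whose `masterAuth` block still carries basic-auth credentials or an issued client certificate, and shows a compliant configuration beside the weak one. It assumes the field names of the GKE API's `masterAuth` object as printed by `gcloud container clusters describe --format=json`; the cluster records below are constructed samples.

```python
"""Flag GKE clusters that still accept legacy client authentication.

Input is the JSON printed by `gcloud container clusters describe` (one
object) or `gcloud container clusters list --format=json` (a list).
"""
from __future__ import annotations
import json


def legacy_auth_findings(cluster: dict) -> list[str]:
    """Return the legacy-auth problems found in one cluster description."""
    findings = []
    auth = cluster.get("masterAuth") or {}
    # Static basic-auth credentials: a guessable, long-lived secret.
    if auth.get("username") or auth.get("password"):
        findings.append("basic auth enabled (masterAuth.username/password set)")
    # Client certificate: a static credential not bound to an IAM identity.
    cert_cfg = auth.get("clientCertificateConfig") or {}
    if cert_cfg.get("issueClientCertificate") or auth.get("clientCertificate"):
        findings.append("client certificate auth enabled (clientCertificateConfig/clientCertificate)")
    return findings


def audit(clusters: list[dict]) -> dict[str, list[str]]:
    """Map each cluster name to its findings; an empty list means compliant."""
    return {c.get("name", "<unnamed>"): legacy_auth_findings(c) for c in clusters}


def audit_json(text: str) -> dict[str, list[str]]:
    """Accept either a single describe object or a list from `clusters list`."""
    data = json.loads(text)
    return audit(data if isinstance(data, list) else [data])


# Constructed sample output (not from a real project); certificate bodies elided.
SAMPLE_JSON = json.dumps([
    {"name": "legacy-cluster",
     "masterAuth": {"username": "admin", "password": "REDACTED",
                    "clientCertificateConfig": {"issueClientCertificate": True},
                    "clientCertificate": "LS0t...", "clientKey": "LS0t...",
                    "clusterCaCertificate": "LS0t..."}},
    {"name": "hardened-cluster",
     # Compliant: no static credentials; clients authenticate via OAuth / service accounts.
     "masterAuth": {"clientCertificateConfig": {"issueClientCertificate": False},
                    "clusterCaCertificate": "LS0t..."}},
])

if __name__ == "__main__":
    for name, problems in audit_json(SAMPLE_JSON).items():
        status = "FAIL" if problems else "PASS"
        print(f"{status} {name}: {'; '.join(problems) or 'no legacy auth'}")
```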