Service with External IP
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
Defining external IP addresses in a Kubernetes Service configuration exposes the service directly to the internet, bypassing network controls and increasing exposure to external threats, including known vulnerabilities like CVE-2020-8554.
Impact#
Attackers could exploit internet-exposed services to gain unauthorized access, perform network attacks, or intercept traffic, leading to data breaches, service disruption, or lateral movement within the cluster.
Resolution#
Do not set spec.externalIPs