Ensure that the --anonymous-auth argument is set to false
| Property | |
|---|---|
| Language | |
| Severity | |
Description
The API server allows anonymous requests because the '--anonymous-auth' flag is not set to 'false'. This means unauthenticated users can interact with the Kubernetes API server.
Impact
Allowing anonymous access can enable attackers to perform unauthorized actions or information gathering on the cluster, potentially leading to privilege escalation, data exposure, or disruption of services.
Resolution
Set '--anonymous-auth' to 'false'.
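An added example (not the scanner's own rule code): a small Python check that evaluates a kube-apiserver argument list for this setting, including the cases where the flag is absent, space-separated, or repeated. It assumes Go-style boolean flag parsing (the value must follow '=', and the last occurrence wins); the function names and sample argument lists are constructed for illustration.

```python
# Added example: audit a kube-apiserver argument list for --anonymous-auth.
# Function names and sample argument lists are constructed for illustration.

# Boolean spellings accepted by Go's strconv.ParseBool (assumed flag parser).
_TRUE = {"1", "t", "T", "true", "TRUE", "True"}
_FALSE = {"0", "f", "F", "false", "FALSE", "False"}


def anonymous_auth_enabled(args, default=True):
    """Return True if the argument list leaves anonymous requests enabled.

    default=True follows the page's description: anonymous requests are
    allowed unless the flag is explicitly set to false.
    """
    enabled = default
    for arg in args:
        if arg == "--anonymous-auth":
            # A bare boolean flag means true; a following "false" token is
            # not consumed as its value, so "--anonymous-auth false" fails.
            enabled = True
        elif arg.startswith("--anonymous-auth="):
            value = arg.split("=", 1)[1]
            if value in _FALSE:
                enabled = False
            elif value in _TRUE:
                enabled = True
            else:
                raise ValueError(f"invalid boolean for --anonymous-auth: {value!r}")
        # Later occurrences override earlier ones, so keep scanning.
    return enabled


def audit(args):
    """Return 'PASS' when anonymous auth is disabled, otherwise 'FAIL'."""
    return "FAIL" if anonymous_auth_enabled(args) else "PASS"


# Constructed sample command lines (not taken from a real cluster).
SAMPLES = {
    "flag absent": ["kube-apiserver", "--secure-port=6443"],
    "explicit false": ["kube-apiserver", "--anonymous-auth=false"],
    "space separated": ["kube-apiserver", "--anonymous-auth", "false"],
    "overridden later": ["kube-apiserver", "--anonymous-auth=false", "--anonymous-auth=true"],
}

if __name__ == "__main__":
    for name, argv in SAMPLES.items():
        print(f"{name:17} {audit(argv)}")
```

Only the "explicit false" sample passes; the other three leave anonymous requests enabled and should be reported.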