Kubernetes Auto Upgrades Not Enabled
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | compute |
| Provider | DigitalOcean |
| Vulnerability Type | omission |
Description
The Kubernetes cluster is not configured with automatic upgrades enabled, meaning it will not automatically receive the latest security patches and updates. This leaves the cluster running potentially outdated and vulnerable software versions.
Impact
Without auto-upgrades, known security vulnerabilities in the Kubernetes cluster software may remain unpatched, increasing the risk of exploitation by attackers. This can lead to unauthorized access, data breaches, or compromise of workloads running on the cluster.
Resolution
Enable auto upgrades on the cluster, and set the maintenance policy deterministically when auto upgrades are enabled.
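The flagged configuration beside a corrected one, as an added example that is not part of the original page. It assumes the cluster is managed with Terraform and the DigitalOcean provider; the resource names, region, node size, version prefix and maintenance window are constructed sample values.

```hcl
terraform {
  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

# Resolve the newest patch release in one minor line, so the configured
# version keeps matching the cluster after an automatic patch upgrade.
data "digitalocean_kubernetes_versions" "current" {
  version_prefix = "1.30." # constructed sample value
}

# Flagged: auto_upgrade is not set and no maintenance window is defined.
resource "digitalocean_kubernetes_cluster" "flagged" {
  name    = "example-flagged"
  region  = "nyc1"
  version = data.digitalocean_kubernetes_versions.current.latest_version

  node_pool {
    name       = "default"
    size       = "s-2vcpu-2gb"
    node_count = 2
  }
}

# Corrected: auto upgrades are on and the maintenance window is pinned to
# an explicit day and start time instead of being left to the platform.
resource "digitalocean_kubernetes_cluster" "patched" {
  name         = "example-patched"
  region       = "nyc1"
  version      = data.digitalocean_kubernetes_versions.current.latest_version
  auto_upgrade = true

  maintenance_policy {
    day        = "sunday"
    start_time = "04:00"
  }

  node_pool {
    name       = "default"
    size       = "s-2vcpu-2gb"
    node_count = 2
  }
}
```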