Kubernetes Pods API Code Execution Vulnerability Scanner
When the service port is available, anyone can execute commands inside the container.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
5 sec
Scan only one
Url
Toolbox
-
Kubernetes, a container orchestration system used by many companies worldwide, is a type of service. Lots of companies are exposing their Kubernetes API with no authentication; inside the Kubernetes cluster, small containers called Pods are ran. Essentially a pod represents a process inside the cluster. By having this exposed, an attacker can not only see what is running on the Pods but also execute commands on the Pods themselves.
![cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.](/_next/image?url=%2Fassets%2Fimages%2Fhome%2Fshield-256.png&w=640&q=75)
Try it yourself,
control security posture
control security posture