Leaving public access open exposes your service to the internet

Severity	Exploitability	Providers	Categories
MEDIUM	HIGH	AWS	NETWORK

Description

The access endpoint of an EKS cluster is used to communicate and interact with the cluster (such as when using kubectl).

Leaving the endpoint exposed to the internet can allow an attacker to perform distributed denial of service (DDoS) attacks on the service. In case other vulnerabilities are also present in the service, this would facilitate their exploitation.

Impact

Potential data exposure	Visible in logs	User interaction required	Privileges required
False	True	False	False

Denial of service.
Could enable to exploit vulnerabilities in the cluster.

Remediation guidelines

Disable public access.

References

Amazon EKS cluster endpoint access control

Leaving public access open exposes your service to the internet

Description

Impact

Remediation guidelines

References

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Leaving public access open exposes your service to the internet

Description​

Impact​

Remediation guidelines​

References​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

Impact

Remediation guidelines

References