GKE Control Plane should not be publicly accessible
Severity | Exploitability | Providers | Categories |
---|---|---|---|
HIGH | MEDIUM | Google Cloud Provider | NETWORK |
Description
GKE (Google Kubernetes Engine) Control Plane manages various processes run by GKE cluster nodes. It should have restricted access, but is publicly accessible by default.
Impact
Potential data exposure | Visible in logs | User interaction required | Privileges required |
---|---|---|---|
True | False | False | False |
Potential Distributed Denial-of-Service (DDoS) and bruteforce on credentials.
Remediation guidelines
Set nodes to private and manage master authorized network.