Master authorized networks are not configured
| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| HIGH | MEDIUM | Google Cloud Provider | NETWORK |
Description
Authorized networks restrict the origins from where the control planes of Google Kubernetes Engines (GKE) clusters can be accessed.
Impact
| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | False | False | False |
Control planes can be accessed from anywhere, risking Distributed Denial-of-Service (DDoS). It may also be a risk of data exposure, if bruteforce attack is conducted.
Remediation guidelines
Enable master authorized networks, then configure the IP addresses allowed to access the GKE cluster's control plane.
References
Was this page helpful?
