Legacy authentication should not be used

Severity	Exploitability	Providers	Categories
HIGH	MEDIUM	Google Cloud Provider	PERMISSION

Description

Legacy authentication such as username/password, and certificate authentication are considered less secure. Rather use OAuth or service accounts to authenticate.

Impact

Potential data exposure	Visible in logs	User interaction required	Privileges required
True	False	False	False

Unauthorized access to nodes.

Remediation guidelines

Use another authentication method such as OAuth or service account. Explicitly disable username/password authentication on the master.

References

Google Cloud - Add authorized networks for control plane access

Legacy authentication should not be used

Description

Impact

Remediation guidelines

References

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Legacy authentication should not be used

Description​

Impact​

Remediation guidelines​

References​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

Impact

Remediation guidelines

References