Do not allow public ingress via network policies
| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| HIGH | HIGH | Kubernetes | NETWORK |
Description
Network policy ingress rules dictate allowed traffic initiated outside the local network and destined for a local network. It is considered the first line of defense in a network security strategy.
By allowing traffic from /0. all incoming traffic are authorized. This includes unauthorized, suspicious and harmful traffic.
In general, it is good practice to avoid very broad network subnet in network policies.
Impact
| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | True | False | False |
- Suspicious traffic not filtered.
- Unauthorized instance access.
- Distributed Denial of Service (DDoS) attacks vulnerability.
Remediation guidelines
Define a more restrictive firewall ingress rule. A log review may be relevant to find any unwanted connection.
References
Was this page helpful?
