H3-2021-0008

Unauthenticated Etcd Access

Description

The etcd server is accessible without authentication, leaving it vulnerable to unauthorized access.

Impact

An attacker could access sensitive information stored in the database without providing valid credentials. This could lead to compromised secrets, configuration data, and other sensitive information stored in etcd.

References

• Securing Etcd Clusters
• CIS Benchmarks: Securing Kubernetes