Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Detect Kubernetes Exposed Metrics" module is designed to identify potential information disclosure vulnerabilities in Kubernetes clusters. It focuses on detecting misconfigurations that may expose sensitive metrics data.
This module targets Kubernetes, a popular container orchestration platform used in DevOps environments. It helps DevOps teams identify and address potential security risks related to metric exposure.
The severity of this module is classified as low, indicating that while it may not pose an immediate threat, it is still important to address the identified vulnerabilities to maintain a secure Kubernetes environment.
This module was authored by pussycat0x.
Information disclosure of garbage collection can lead to the exposure of sensitive metrics data in Kubernetes clusters. This can potentially provide attackers with insights into the cluster's performance, resource utilization, and other critical information. It is important to address these vulnerabilities to prevent unauthorized access and maintain the confidentiality of the cluster's metrics.
The "Detect Kubernetes Exposed Metrics" module works by sending HTTP requests to the target Kubernetes cluster and analyzing the responses based on predefined matching conditions. It checks for the presence of specific keywords in the response body, such as "namespace," "HELP," "TYPE," and "kube." Additionally, it verifies that the HTTP response status is 200 (OK).
Here is an example of an HTTP request sent by the module:
GET /metrics
The module then evaluates the response against the defined matching conditions:
- The response body must contain the keywords "namespace," "HELP," "TYPE," and "kube" (all conditions must be met). - The HTTP response status must be 200 (OK).If both conditions are met, the module reports a vulnerability related to the exposed metrics in the Kubernetes cluster.
Reference:
- https://kubernetes.io/docs/concepts/cluster-administration/system-metrics/#metrics-in-kubernetes