2025-01-17 15:51:31,111 INFO kube_hunter.modules.report.collector Started hunting 2025-01-17 15:51:31,112 INFO kube_hunter.modules.report.collector Discovering Open Kubernetes Services 2025-01-17 15:51:31,205 INFO kube_hunter.modules.report.collector Found open service "Etcd" at 10.32.243.178:2379 2025-01-17 15:51:31,212 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.241.57:10250 2025-01-17 15:51:31,215 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.240.177:10250 2025-01-17 15:51:31,239 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.240.219:10250 2025-01-17 15:51:31,241 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.93:10250 2025-01-17 15:51:31,271 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.178:10250 2025-01-17 15:51:31,282 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.241.205:10250 2025-01-17 15:51:31,291 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.241.122:10250 2025-01-17 15:51:31,385 INFO kube_hunter.modules.report.collector Found open service "API Server" at 10.32.243.178:6443 2025-01-17 15:51:31,417 INFO kube_hunter.modules.report.collector Found vulnerability "K8s Version Disclosure" in 10.32.243.178:6443 Nodes +-------------+---------------+ | TYPE | LOCATION | +-------------+---------------+ | Node/Master | 10.32.243.93 | +-------------+---------------+ | Node/Master | 10.32.243.178 | +-------------+---------------+ | Node/Master | 10.32.241.57 | +-------------+---------------+ | Node/Master | 10.32.241.205 | +-------------+---------------+ | Node/Master | 10.32.241.122 | +-------------+---------------+ | Node/Master | 10.32.240.219 | +-------------+---------------+ | Node/Master | 10.32.240.177 | +-------------+---------------+ Detected Services +-------------+---------------------+----------------------+ | SERVICE | LOCATION | DESCRIPTION | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.93:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.178:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.241.57:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.241.205:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.241.122:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.240.219:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.240.177:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Etcd | 10.32.243.178:2379 | Etcd is a DB that | | | | stores cluster's | | | | data, it contains | | | | configuration and | | | | current | | | | state | | | | information, and | | | | might contain | | | | secrets | +-------------+---------------------+----------------------+ | API Server | 10.32.243.178:6443 | The API server is in | | | | charge of all | | | | operations on the | | | | cluster. | +-------------+---------------------+----------------------+ Vulnerabilities For further information about a vulnerability, search its ID in: https://avd.aquasec.com/ +--------+--------------------+----------------------+----------------------+----------------------+----------+ | ID | LOCATION | MITRE CATEGORY | VULNERABILITY | DESCRIPTION | EVIDENCE | +--------+--------------------+----------------------+----------------------+----------------------+----------+ | KHV002 | 10.32.243.178:6443 | Initial Access // | K8s Version | The kubernetes | v1.28.6 | | | | Exposed sensitive | Disclosure | version could be | | | | | interfaces | | obtained from the | | | | | | | /version endpoint | | +--------+--------------------+----------------------+----------------------+----------------------+----------+