2022-06-02 10:58:57,662 INFO kube_hunter.modules.report.collector Started hunting 2022-06-02 10:58:57,663 INFO kube_hunter.modules.report.collector Discovering Open Kubernetes Services 2022-06-02 10:58:57,893 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.242.209:10250 2022-06-02 10:58:58,020 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.242.129:10250 2022-06-02 10:58:58,211 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.242.5:10250 2022-06-02 10:58:58,308 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.5:10250 2022-06-02 10:58:58,351 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.74:10250 2022-06-02 10:58:58,506 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.241.156:10250 2022-06-02 10:58:58,511 INFO kube_hunter.modules.report.collector Found open service "Etcd" at 10.32.241.156:2379 2022-06-02 10:58:58,541 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.62:10250 2022-06-02 10:58:58,550 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.242.229:10250 2022-06-02 10:58:58,748 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.185:10250 2022-06-02 10:58:58,752 INFO kube_hunter.modules.report.collector Found open service "API Server" at 10.32.241.156:6443 2022-06-02 10:58:58,803 INFO kube_hunter.modules.report.collector Found vulnerability "Certificate Includes Email Address" in 10.32.242.229:10250 2022-06-02 10:58:59,354 INFO kube_hunter.modules.report.collector Found vulnerability "K8s Version Disclosure" in 10.32.241.156:6443 Nodes +-------------+---------------+ | TYPE | LOCATION | +-------------+---------------+ | Node/Master | 10.32.243.74 | +-------------+---------------+ | Node/Master | 10.32.243.62 | +-------------+---------------+ | Node/Master | 10.32.243.5 | +-------------+---------------+ | Node/Master | 10.32.243.185 | +-------------+---------------+ | Node/Master | 10.32.242.5 | +-------------+---------------+ | Node/Master | 10.32.242.229 | +-------------+---------------+ | Node/Master | 10.32.242.209 | +-------------+---------------+ | Node/Master | 10.32.242.129 | +-------------+---------------+ | Node/Master | 10.32.241.156 | +-------------+---------------+ Detected Services +-------------+---------------------+----------------------+ | SERVICE | LOCATION | DESCRIPTION | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.74:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.62:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.5:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.185:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.242.5:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.242.229:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.242.209:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.242.129:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.241.156:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Etcd | 10.32.241.156:2379 | Etcd is a DB that | | | | stores cluster's | | | | data, it contains | | | | configuration and | | | | current | | | | state | | | | information, and | | | | might contain | | | | secrets | +-------------+---------------------+----------------------+ | API Server | 10.32.241.156:6443 | The API server is in | | | | charge of all | | | | operations on the | | | | cluster. | +-------------+---------------------+----------------------+ Vulnerabilities For further information about a vulnerability, search its ID in: https://avd.aquasec.com/ +--------+---------------------+----------------------+----------------------+----------------------+-----------------+ | ID | LOCATION | MITRE CATEGORY | VULNERABILITY | DESCRIPTION | EVIDENCE | +--------+---------------------+----------------------+----------------------+----------------------+-----------------+ | KHV021 | 10.32.242.229:10250 | Initial Access // | Certificate Includes | The Kubernetes API | email: b'Y@B.5' | | | | General Sensitive | Email Address | Server advertises a | | | | | Information | | public certificate | | | | | | | for TLS. | | | | | | | This certificate | | | | | | | includes an email | | | | | | | address, that may | | | | | | | provide additional | | | | | | | information for an | | | | | | | attacker on your | | | | | | | organization, or | | | | | | | be abused for | | | | | | | further email based | | | | | | | attacks. | | +--------+---------------------+----------------------+----------------------+----------------------+-----------------+ | KHV002 | 10.32.241.156:6443 | Initial Access // | K8s Version | The kubernetes | v1.22.2 | | | | Exposed sensitive | Disclosure | version could be | | | | | interfaces | | obtained from the | | | | | | | /version endpoint | | +--------+---------------------+----------------------+----------------------+----------------------+-----------------+