2022-07-04 15:13:16,108 INFO kube_hunter.modules.report.collector Started hunting 2022-07-04 15:13:16,109 INFO kube_hunter.modules.report.collector Discovering Open Kubernetes Services 2022-07-04 15:13:16,249 INFO kube_hunter.modules.report.collector Found open service "Etcd" at 10.32.240.71:2379 2022-07-04 15:13:16,270 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.142:10250 2022-07-04 15:13:16,309 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.17:10250 2022-07-04 15:13:16,325 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.240.71:10250 2022-07-04 15:13:16,399 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.243.117:10250 2022-07-04 15:13:16,497 INFO kube_hunter.modules.report.collector Found open service "Kubelet API" at 10.32.242.243:10250 2022-07-04 15:13:16,642 INFO kube_hunter.modules.report.collector Found open service "API Server" at 10.32.240.71:6443 2022-07-04 15:13:16,717 INFO kube_hunter.modules.report.collector Found vulnerability "K8s Version Disclosure" in 10.32.240.71:6443 Nodes +-------------+---------------+ | TYPE | LOCATION | +-------------+---------------+ | Node/Master | 10.32.243.17 | +-------------+---------------+ | Node/Master | 10.32.243.142 | +-------------+---------------+ | Node/Master | 10.32.243.117 | +-------------+---------------+ | Node/Master | 10.32.242.243 | +-------------+---------------+ | Node/Master | 10.32.240.71 | +-------------+---------------+ Detected Services +-------------+---------------------+----------------------+ | SERVICE | LOCATION | DESCRIPTION | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.17:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.142:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.243.117:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.242.243:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Kubelet API | 10.32.240.71:10250 | The Kubelet is the | | | | main component in | | | | every Node, all pod | | | | operations goes | | | | through the kubelet | +-------------+---------------------+----------------------+ | Etcd | 10.32.240.71:2379 | Etcd is a DB that | | | | stores cluster's | | | | data, it contains | | | | configuration and | | | | current | | | | state | | | | information, and | | | | might contain | | | | secrets | +-------------+---------------------+----------------------+ | API Server | 10.32.240.71:6443 | The API server is in | | | | charge of all | | | | operations on the | | | | cluster. | +-------------+---------------------+----------------------+ Vulnerabilities For further information about a vulnerability, search its ID in: https://avd.aquasec.com/ +--------+-------------------+----------------------+----------------------+----------------------+----------+ | ID | LOCATION | MITRE CATEGORY | VULNERABILITY | DESCRIPTION | EVIDENCE | +--------+-------------------+----------------------+----------------------+----------------------+----------+ | KHV002 | 10.32.240.71:6443 | Initial Access // | K8s Version | The kubernetes | v1.22.5 | | | | Exposed sensitive | Disclosure | version could be | | | | | interfaces | | obtained from the | | | | | | | /version endpoint | | +--------+-------------------+----------------------+----------------------+----------------------+----------+