Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False Positive in KHV036 #548

Open
x64-latacora opened this issue Jan 9, 2024 · 1 comment
Open

False Positive in KHV036 #548

x64-latacora opened this issue Jan 9, 2024 · 1 comment

Comments

@x64-latacora
Copy link

When the cluster returns 403 responses for unauthenticated requests, KHV036 shouldn't be triggered.

kube-hunter/kube_hunter/modules/discovery/kubelet.py

Line 63 in 7479aae

self.publish_event(SecureKubeletEvent(secure=True))

@KiranBodipi
Copy link
Contributor

KiranBodipi commented Jan 25, 2024
edited
Loading

kube-hunter producing incorrect result for KHV036 even though the authentication: anonymous: enabled is set to false in Kubelet configuration file. Please find the below screen shots for your reference.
Screenshot from 2024-01-25 18-08-50
Screenshot from 2024-01-25 18-06-01

Expected Result: If authentication: anonymous: enabled is set to false in Kubelet configuration file, the check should not be failed.
Actual Result: The check is being failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@KiranBodipi @x64-latacora