H3-2021-0008¶

Unauthenticated Etcd Access

Description¶

The etcd server is accessible without authentication, leaving it vulnerable to unauthorized access.

Impact¶

An attacker could access sensitive information stored in the database without providing valid credentials. This could lead to compromised secrets, configuration data, and other sensitive information stored in etcd.

References¶

• Securing Etcd Clusters
• CIS Benchmarks: Securing Kubernetes