Skip to content

kubelet - Ensure that the --read-only-port is secured

An XCCDF Rule

Description

Disable the read-only port.

Rationale

The Kubelet process provides a read-only API in addition to the main Kubelet API. Unauthenticated access is provided to this read-only API which could possibly retrieve potentially sensitive information about the cluster.

ID
xccdf_org.ssgproject.content_rule_kubelet_read_only_port_secured
Severity
Medium
References
Updated