nuclei-templates/cloud/kubernetes/security-compliance/k8s-tls-config-set.yaml

43 lines
1.6 KiB
YAML
Raw Normal View History

id: k8s-tls-config-set
info:
name: Ensure TLS config appropriately set
author: princechaddha
severity: medium
description: Checks if the tls-cert-file and tls-private-key-file arguments are properly set in the API server configuration, which is essential for secure communication.
impact: |
The absence of tls-cert-file and tls-private-key-file arguments means that the API server may not use TLS for secure communications, leading to potential security risks.
remediation: |
Configure the API server to use tls-cert-file and tls-private-key-file that point to a valid certificate and key file respectively. This setting should be part of the API server startup arguments or in its configuration file.
reference:
- https://kubernetes.io/docs/admin/kube-apiserver/
tags: cloud,devops,kubernetes,security,devsecops,api-server,k8s,k8s-cluster-security
2024-06-18 11:16:02 +00:00
variables:
argument: "tls-cert-file or tls-private-key-file"
self-contained: true
code:
- engine:
- sh
- bash
source: |
kubectl get pods -n kube-system -l component=kube-apiserver -o jsonpath="{.items[*].spec.containers[*].command}"
matchers-condition: and
matchers:
- type: word
words:
- 'kube-apiserver'
- type: word
words:
- "tls-cert-file"
- "tls-private-key-file"
negative: true
extractors:
- type: dsl
dsl:
2024-06-18 11:16:02 +00:00
- '"API server configuration is missing the " + argument + " argument."'
# digest: 490a004630440220663b353d03208073f03e9fd1ca874cd74a23c3d7516268be639eba641bcbc8a302201a5914f5f7cb59043a838f3567cabf472f857962f3da09a3b059c6e12d2e3957:922c64590222798bb761d5b6d8e72950