Skip to main content

Majority of Kubernetes API Servers Exposed to the Public Internet

posted onMay 19, 2022
by l33tdawg
Dark Reading
Credit: Dark Reading

Researchers with Shadowserver Foundation have discovered more than 380,000 open Kubernetes API servers exposed on the Internet. That represents 84% of all global Kubernetes API instances observable online.

The research was conducted across IPv4 infrastructure using HTTP GET requests. The researchers didn’t do any intrusive checks to figure out exactly the level of exposure that the servers exhibited, but the findings suggest potential trouble across this landscape.

“While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended, and these instances are an unnecessarily exposed attack surface,” according to the Shadowserver report. “They also allow for information leakage on version and builds.” The densest cluster of exposed API servers was found in the US, where some 201,348 of these open API instances were discovered. That accounts for 53% of the total open servers found.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th