Publicly accessible Kubernetes service uses a container image with vulnerabilities

kubernetes
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

Unpatched vulnerabilities in publicly accessible applications can increase the likelihood of exposing weaknesses, creating an entry point for attackers to gain unauthorized access to the pod or container.

Remediation

  1. Review any associated vulnerability references or advisories.
  2. Apply the appropriate patch based on remediation guidance. If no patch is available, apply compensating controls such as disabling or removing the vulnerable component.
  3. If public exposure is not required, restrict external access using internal service types, tighter ingress or load balancer rules, NetworkPolicies, or cloud provider firewall controls.