def __init__(self, pods): Vulnerability.__init__(self, component=Kubelet, name="Exposed Pods", category=AccessKubeletAPITechnique, vid="KHV052") self.pods = pods self.evidence = f"count: {len(self.pods)}"
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Port Forward", category=RemoteCodeExec, vid="KHV041", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed System Logs", category=InformationDisclosure, vid="KHV045", )
def __init__(self, kubedns_pod_ip): Vulnerability.__init__(self, KubernetesCluster, "Possible DNS Spoof", category=IdentityTheft, vid="KHV030") self.kubedns_pod_ip = kubedns_pod_ip self.evidence = "kube-dns at: {}".format(self.kubedns_pod_ip)
def __init__(self): Vulnerability.__init__( self, KubernetesCluster, "Proxy Exposed", category=ConnectFromProxyServerTechnique, vid="KHV049", )
def __init__(self, evidence): Vulnerability.__init__( self, KubernetesCluster, name="Created a namespace", category=AccessRisk, ) self.evidence = evidence
def __init__(self, evidence): Vulnerability.__init__( self, KubernetesCluster, name="Deleted A Pod", category=AccessRisk, ) self.evidence = evidence
def __init__(self, version): Vulnerability.__init__(self, KubernetesCluster, name="Etcd Remote version disclosure", category=InformationDisclosure, vid="KHV033") self.evidence = version
def __init__(self, version): Vulnerability.__init__( self, KubernetesCluster, name="Etcd is accessible using insecure connection (HTTP)", category=UnauthenticatedAccess, vid="KHV034") self.evidence = version
def __init__(self, evidence): Vulnerability.__init__( self, component=KubernetesCluster, name="Access to pod's secrets", category=AccessContainerServiceAccountTechnique, ) self.evidence = evidence
def __init__(self): Vulnerability.__init__( self, KubernetesCluster, "Possible Arp Spoof", category=ARPPoisoningTechnique, vid="KHV020", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Exec On Container", category=ExecIntoContainerTechnique, vid="KHV039", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Container Logs", category=AccessKubeletAPITechnique, vid="KHV037", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Anonymous Authentication", category=ExposedSensitiveInterfacesTechnique, vid="KHV036", )
def __init__(self, evidence): Vulnerability.__init__( self, KubernetesCluster, name="Arbitrary Access To Cluster Scoped Resources", category=PrivilegeEscalation, vid="KHV026") self.evidence = evidence
def __init__(self, status): Vulnerability.__init__(self, Kubelet, "Cluster Health Disclosure", category=InformationDisclosure, vid="KHV043") self.status = status self.evidence = f"status: {self.status}"
def __init__(self, binary_version): Vulnerability.__init__(self, KubectlClient, "Kubectl Vulnerable To CVE-2019-1002101", category=RemoteCodeExec, vid="KHV028") self.binary_version = binary_version self.evidence = "kubectl version: {}".format(self.binary_version)
def __init__(self, cmdline): Vulnerability.__init__(self, Kubelet, "Exposed Kubelet Cmdline", category=InformationDisclosure, vid="KHV046") self.cmdline = cmdline self.evidence = f"cmdline: {self.cmdline}"
def __init__(self, evidence): Vulnerability.__init__( self, KubernetesCluster, name="Patched a cluster role", category=AccessRisk, ) self.evidence = evidence
def __init__(self, count): Vulnerability.__init__(self, Kubelet, "Exposed Running Pods", category=InformationDisclosure, vid="KHV038") self.count = count self.evidence = "{} running pods".format(self.count)
def __init__(self, evidence): Vulnerability.__init__( self, component=KubernetesCluster, name="Access to pod's secrets", category=AccessRisk, ) self.evidence = evidence
def __init__(self, cidr): Vulnerability.__init__(self, Azure, "Azure Metadata Exposure", category=InformationDisclosure, vid="KHV003") self.cidr = cidr self.evidence = "cidr: {}".format(cidr)
def __init__(self): Vulnerability.__init__( self, KubernetesCluster, "Possible Arp Spoof", category=IdentityTheft, vid="KHV020", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Anonymous Authentication", category=RemoteCodeExec, vid="KHV036", )
def __init__(self, keys): Vulnerability.__init__( self, KubernetesCluster, name="Etcd Remote Read Access Event", category=AccessRisk, vid="KHV032") self.evidence = keys
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Run Inside Container", category=RemoteCodeExec, vid="KHV040", )
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Attaching To Container", category=RemoteCodeExec, vid="KHV042", )
def __init__(self, evidence): Vulnerability.__init__( self, KubernetesCluster, name="Denial of Service to Kubernetes API Server", category=DenialOfService, vid="KHV023") self.evidence = evidence
def __init__(self, pods): Vulnerability.__init__(self, component=Kubelet, name="Exposed Pods", category=InformationDisclosure, vid="KHV052") self.pods = pods self.evidence = f"count: {len(self.pods)}"
def __init__(self): Vulnerability.__init__( self, component=Kubelet, name="Exposed Port Forward", category=GeneralDefenseEvasionTechnique, vid="KHV041", )