Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 401
Alerts This Week
Warning Icon 1 401

381,645 Kubernetes API Servers Exposed: Shadowserver Findings

13.Lock StylizedMotherboard Esm H446

A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

"While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."