aenix-io / cozystack

Free and Open Source PaaS-platform for seamless management of virtual machines, managed Kubernetes, and Databases-as-a-Service
https://cozystack.io
Apache License 2.0

Security point: Anonymous user has RoleBinding #404

Open matthieu-robin opened 1 month ago

matthieu-robin commented 1 month ago

After a kubescape scan, we detected that the anonymous user has a RoleBinding. It should be more secure to close it. Thanks
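For readers who want to reproduce this check without the full kubescape report, the script below is an added example (not code from the issue, from kubescape, or from the Cozystack project). It walks the JSON that `kubectl get rolebindings,clusterrolebindings -A -o json` returns and lists every binding whose subjects include `system:anonymous` or `system:unauthenticated`, the two principals that mean "no credentials required". The embedded sample list is constructed for the example; the namespace `tenant-example` and the binding names in it are invented. The only assumption about a real cluster is the stock Kubernetes behaviour that the `system:public-info-viewer` ClusterRoleBinding is bound to `system:unauthenticated` by default.

```python
"""Find RBAC bindings that grant rights to anonymous / unauthenticated callers.

Input shape: the JSON list produced by
    kubectl get rolebindings,clusterrolebindings -A -o json
A constructed sample is embedded so the script runs offline.
"""
import json

# Subjects that match requests carrying no valid credentials at all.
RISKY_SUBJECTS = {
    ("User", "system:anonymous"),
    ("Group", "system:unauthenticated"),
}

# Bindings that stock Kubernetes creates on bootstrap and that already
# include system:unauthenticated (read-only /healthz, /version, /livez, /readyz).
# Assumption: this list is what a default kube-apiserver installs.
DEFAULT_PUBLIC_BINDINGS = {"system:public-info-viewer"}

# Constructed sample; not a dump from any real Cozystack or Talos cluster.
SAMPLE_LIST = json.dumps({
    "apiVersion": "v1",
    "kind": "List",
    "items": [
        {   # present in every stock cluster
            "kind": "ClusterRoleBinding",
            "metadata": {"name": "system:public-info-viewer"},
            "roleRef": {"kind": "ClusterRole", "name": "system:public-info-viewer"},
            "subjects": [
                {"kind": "Group", "name": "system:authenticated"},
                {"kind": "Group", "name": "system:unauthenticated"},
            ],
        },
        {   # the kind of binding a scanner should flag for review
            "kind": "RoleBinding",
            "metadata": {"name": "anon-reader", "namespace": "tenant-example"},
            "roleRef": {"kind": "Role", "name": "reader"},
            "subjects": [{"kind": "User", "name": "system:anonymous"}],
        },
        {   # an ordinary binding to a named user: not reported
            "kind": "RoleBinding",
            "metadata": {"name": "admin-binding", "namespace": "tenant-example"},
            "roleRef": {"kind": "ClusterRole", "name": "admin"},
            "subjects": [{"kind": "User", "name": "alice"}],
        },
    ],
})


def find_anonymous_bindings(kubectl_json):
    """Return one dict per (binding, risky subject) pair.

    'default' is True when the binding is one Kubernetes itself creates, so the
    reviewer can separate expected baseline exposure from bindings someone added.
    """
    doc = json.loads(kubectl_json)
    hits = []
    for item in doc.get("items", []):
        meta = item.get("metadata", {})
        role = item.get("roleRef", {}).get("name", "")
        # 'subjects' is optional in the RBAC API; treat a missing list as empty.
        for subj in item.get("subjects") or []:
            if (subj.get("kind"), subj.get("name")) in RISKY_SUBJECTS:
                hits.append({
                    "kind": item.get("kind"),
                    "namespace": meta.get("namespace"),  # None for ClusterRoleBinding
                    "name": meta.get("name"),
                    "role": role,
                    "subject": subj.get("name"),
                    "default": meta.get("name") in DEFAULT_PUBLIC_BINDINGS,
                })
    return hits


def review_needed(kubectl_json):
    """Only the non-default hits: these are the ones worth raising in an issue."""
    return [h for h in find_anonymous_bindings(kubectl_json) if not h["default"]]


if __name__ == "__main__":
    for hit in find_anonymous_bindings(SAMPLE_LIST):
        scope = hit["namespace"] or "<cluster>"
        flag = "baseline" if hit["default"] else "REVIEW"
        print(f"{flag:8} {hit['kind']} {scope}/{hit['name']} -> {hit['role']} via {hit['subject']}")
```

Run against a real cluster with `kubectl get rolebindings,clusterrolebindings -A -o json > bindings.json` and pass the file contents to `review_needed`. Expect the `system:public-info-viewer` entry on any cluster; whether it is acceptable is a policy decision, while anything else bound to an anonymous principal deserves the kind of follow-up this issue asks for.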

gecube commented 1 month ago

@matthieu-robin Hi! Please provide a more detailed report from kubescape. It does sound like a critical vulnerability, but we will look at what we can do with it. Also, it is not clear which cluster you are talking about: the main one (based on Talos) or the tenant ones.

matthieu-robin commented 1 month ago

Hi, here is the full Kubescape report, based on version 0.16.2 of Cozystack (Talos version 1.7.1). The command used:

kubescape scan -v -e tenant-ssl-jluc,opencost,neuvector,tenant-matthieu --format html --output results.html

Attachment: results.html.zip

Let me know if you need more help on this