search

aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0
4.66k stars 578 forks source link

"Found vulnerability" message should include an identifier or URL to not have to google what they mean #472

Open grosser opened 2 years ago

grosser commented 2 years ago

Why is this needed

the logs of kube-hunter Pod are not very helpful, for example

2021-07-27 22:51:23,998 INFO kube_hunter.modules.report.collector Found vulnerability "Foo"

now I have to go and google around for what they mean and if/how I should fix them

danielsagi commented 2 years ago

Hi, The logs are there just until the report is shown, how did you ran kube-hunter? did you see the full report at the end?

grosser commented 2 years ago

running a kubernetes pod

      containers:
      - name: kube-hunter
        image: aquasec/kube-hunter
        command: ["kube-hunter"]
        args: ["--pod"]

I only see Found vulnerability not sure if this is the full report or not