Open korniko98 opened 5 months ago
The system:authenticated group in GKE includes anyone with a Google account, and could be assigned to cluster admin.
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/
Summary (give a brief description of the issue)
The system:authenticated group in GKE includes anyone with a Google account, and could be assigned to cluster admin.
References (provide links to blogposts, etc.)
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/