STIGQter: STIG Summary: Kubernetes Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 13 Apr 2021:

Kubernetes dashboard must not be enabled.

DISA Rule

SV-242395r712541_rule

Vulnerability Number

V-242395

Group Title

SRG-APP-000033-CTR-000095

Rule Version

CNTR-K8-000420

Severity

CAT II

CCI(s)

CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

Fix Recommendation

Delete the Kubernetes dashboard deployment with the following command:

kubectl delete deployment kubernetes-dashboard --namespace=kube-system

Check Contents

From the master node, run the command:

kubectl get pods --all-namespaces -l k8s-app=kubernetes-dashboard

If any resources are returned, this is a finding.

Vulnerability Number

V-242395

Documentable

False

Rule Version

CNTR-K8-000420

Severity Override Guidance

From the master node, run the command:

kubectl get pods --all-namespaces -l k8s-app=kubernetes-dashboard

If any resources are returned, this is a finding.

Check Content Reference

Target Key

5376

Kubernetes dashboard must not be enabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments