Traceability Loss - Kubernetes
Description
The kubernetes configuration does not set a logging property, which prevents log files from being created. These files are useful for identifying and tracking malicious actions or anomalous behavior. Alternatively, log files do not have sufficient level of detail.
Impact
Perform harmful actions without raising an alert.
Recommendation
Enable auditing on the Kubernetes API Server and set the desired audit log path.
Threat
Authenticated attacker from the Internet.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
075 - Record exceptional events in logs376 - Register severity level377 - Store logs based on valid regulation378 - Use of log management systemFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
H
Attack requirements
N
Privileges required
H
User interaction
N
Confidentiality (VC)
N
Integrity (VI)
L
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
P
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P