Kubernetes: Kubernetes Dashboard

Usually found on port 30000

kube-hunter finding for it:

Vulnerabilities
+———————–+—————+———————-+———————-+——————+
| LOCATION              | CATEGORY      | VULNERABILITY        | DESCRIPTION          | EVIDENCE         |
+———————–+—————+———————-+———————-+——————+
| 1.2.3.4:30000         | Remote Code   | Dashboard Exposed    | All oprations on the | nodes: pach-okta |
|                       | Execution     |                      | cluster are exposed  |                  |
+———————–+—————+———————-+———————-+——————+

Why do you care?  It has access to all pods and secrets within the cluster. So rather than using command line tools to get secrets or run code you can just do it in a web browser.

Screenshots of what it looks like: