Inside Job: Defending Kubernetes Clusters Against Network Misconfigurations
Jacopo Bufalino, Jose Luis Martin-Navarro, Mario Di Francesco, Tuomas Aura

TL;DR
This paper investigates the security risks posed by network misconfigurations in Kubernetes clusters, analyzing real-world applications to identify vulnerabilities and proposing mitigations that have already fixed issues in several cases.
Contribution
It provides a comprehensive analysis of network misconfigurations in Kubernetes, identifying more vulnerabilities than existing solutions and offering practical mitigations.
Findings
Identified 634 misconfigurations across 287 applications.
Discovered misconfigurations beyond current state-of-the-art solutions.
Fixed issues in over thirty applications through proposed mitigations.
Abstract
Kubernetes has emerged as the de facto standard for container orchestration. Unfortunately, its increasing popularity has also made it an attractive target for malicious actors. Despite extensive research on securing Kubernetes, little attention has been paid to the impact of network configuration on the security of application deployments. This paper addresses this gap by conducting a comprehensive analysis of network misconfigurations in a Kubernetes cluster with specific reference to lateral movement. Accordingly, we carried out an extensive evaluation of 287 open-source applications belonging to six different organizations, ranging from IT companies and public entities to non-profits. As a result, we identified 634 misconfigurations, well beyond what could be found by solutions in the state of the art. We responsibly disclosed our findings to the concerned organizations and engaged…
