k8s-missing-network-policies: Check for Missing Network Policies in Kubernetes

日期: 2025-08-01 | 影响软件: k8s | POC: 已公开

漏洞描述

Checks if any network policies are defined across all namespaces in the Kubernetes cluster.

PoC代码[已公开]

id: k8s-missing-network-policies

info:
  name: Check for Missing Network Policies in Kubernetes
  author: princechaddha
  severity: medium
  description: |
    Checks if any network policies are defined across all namespaces in the Kubernetes cluster.
  impact: |
    Not having network policies in place can expose namespaces to potential security risks by allowing unrestricted network traffic.
  remediation: |
    Define and apply network policies to manage ingress and egress traffic within namespaces effectively. Use `kubectl apply -f <network-policy-file.yaml>` to enforce network boundaries.
  reference:
    - https://kubernetes.io/docs/concepts/services-networking/network-policies/
  tags: cloud,devops,kubernetes,devsecops,k8s,k8s-cluster-security

self-contained: true

code:
  - engine:
      - sh
      - bash
    source: kubectl get networkpolicies -A

    matchers:
      - type: word
        part: stderr
        words:
          - 'No resources found'

    extractors:
      - type: dsl
        dsl:
          - "No Network Policies found"
# digest: 4a0a00473045022100a454dc52b9d885d9b4283bc85035b168887916312ece9e4e57cf9bb8ca8cf86e02200e256c353de692f3939cba7d24e4a00f3f8d01a5340829aaa3a1d7367bca344d:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./cloud/kubernetes/network-policies/k8s-missing-network-policies.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐