feat: Update description of "Initial Access" in workload-unauthentica…

…ted-service.json Signed-off-by: kooomix <eranm@armosec.io>
kubescape · Aug 15, 2024 · 2c91979 · 2c91979
1 parent 1876df0
commit 2c91979
Showing 1 changed file with 3 additions and 10 deletions.
diff --git a/attack-tracks/workload-unauthenticated-service.json b/attack-tracks/workload-unauthenticated-service.json
@@ -8,18 +8,11 @@
         "version": "1.0",
         "data": {
             "name": "Initial Access",
-            "description": "An attacker can access the Kubernetes environment.",
+            "description": "The service is exposed outside the Kubernetes network.",
             "subSteps": [
                 {
-                    "name": "Execution (Vulnerable Image)",
-                    "description": "An attacker can execute malicious code by exploiting vulnerable images.",
-                    "checksVulnerabilities": true,
-                    "subSteps": [
-                        {
-                            "name": "Data Collection",
-                            "description": "An attacker can gather data."
-                        }
-                    ]
+                    "name": "Data Collection",
+                    "description": "Database access is missing authentication and it can be accessed by anyone"
                 }
             ]
         }