| Test | Result | Applied Fixes | Comment |
|---|
| Lynis | Pass | 27 fixed applied, see Steps To Implement Security Scan Requirements | To maintain the pass result, need to restart the server if it's required |
| Vuls | 8 CVEs with score > 9.0 |
| - Performed the Vuls tests on two other distros as well:
- Ubuntu 20.04: 4 CVEs with score > 9.0
- CentOS 8: 3 CVEs with score > 9.0
- Manually installed 0.9.4 libssh to fix https://nvd.nist.gov/vuln/detail/CVE-2019-14889, but Vuls still shows the same CVE.
- The bluval code requires all CVEs to be fixed, no matter what the score is.
|
| Kube-Hunter | - Remote cluster scan passes
- Remote node scan passes
- Inside a Pod shows "fail" but not true.
|
|
|
| Conformance |
|
|
|