Regarding the security of the ELK stack docker images

signum · May 13, 2021, 8:52am

Hi, I am trying out the docker version of the ELK stack, and have noted that when I scan it using trivy / "docker scan", it is showing some OS related vulnerabilities for libraries such curl etc. Can I understand if these findings are accurate and if anyone is able to advise on this?

Thank you for any advice on this matter!

austinsonger · May 14, 2021, 5:04pm

If the docker container you are using isn't from the following elastic's Profile (docker.com), then there isn't much Elastic can help you on.
Can you send the link to the elk docker your using (Github or Docker Hub)
Can you send the CVE numbers for the vulnerabilities?
I would recommend you to use this ELK docker by Swimlane GitHub - swimlane/elk-tls-docker: This repository contains code to create a ELK stack with certificates & security enabled using docker-compose

signum · May 19, 2021, 1:14am

Hi,

This would be from docker.elastic.co/elasticsearch/elasticsearch:latest

The CVEs are mainly related to the centos side of the containers, will highlight some of them here:

i) CVE-2021-22876
ii) CVE-2020-8625
iii) CVE-2021-20305

I will take a look at the Swimlane ELK Docker as well, thank you for the info!

system · June 16, 2021, 1:14am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Security Vulnerability in ELK stack during docker scan by twistlock Elasticsearch	2	543	June 22, 2021
Vulnerabilities in docker image elasticsearch/elasticsearch:7.17.8 Elasticsearch docker	6	796	February 15, 2023
Update ELK-Stack with new security features in docker Elasticsearch	5	684	June 19, 2019
Security vulnerabilities in Elasticsearch docker images - v 8.2.0 Elasticsearch docker	3	449	June 23, 2022
Trying to deploy elk as a docker service with certificate Elasticsearch docker	1	642	January 24, 2022

Regarding the security of the ELK stack docker images

Related topics