We getting vulnerability on ES port

umesh1 · December 21, 2022, 10:57am

We getting vulnerability on ES port which is 5200.

Plugin Output:
The following web pages use Basic Authentication over an unencrypted
channel :

/ realm=""security""

warkolm · December 21, 2022, 7:49pm

Do you have TLS enabled?

umesh1 · December 22, 2022, 5:12am

Hi mark warkolm ,

Thanks for update. here is my cfg file.

node.name: elasticsearch_1
path.data: /opt/elasticsearch
path.logs: /var/log/elasticsearch
http.port: 5200
transport.port: 5300
path.repo: /opt/elastic_snapshot

 

cluster.name: sbiuk-dev
cluster.initial_master_nodes: ['10.191.155.181', '10.191.155.182', '10.191.155.179']
discovery.seed_hosts: ['10.191.155.181', '10.191.155.182', '10.191.155.179']
network.host: 0.0.0.0
http.host: 0.0.0.0
node.master: True
node.data: True
node.ingest: True
discovery.zen.minimum_master_nodes: 2
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elasticsearch_1.p12
xpack.security.transport.ssl.truststore.path: elasticsearch_1.p12
xpack.monitoring.collection.enabled: true

leandrojmp · December 22, 2022, 1:05pm

You do not have https enable, you need to enable it if you want to stop receiving that vulnerability alert.

Check the documentation for your specific version on how to configure it.

system · January 19, 2023, 1:05pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.