We getting vulnerability on ES port

Elastic Stack Elasticsearch
1

We getting vulnerability on ES port which is 5200.

Plugin Output:
The following web pages use Basic Authentication over an unencrypted
channel :

/:confused: realm=""security""

2

Do you have TLS enabled?

3

Hi mark warkolm ,

Thanks for update. here is my cfg file.

node.name: elasticsearch_1
path.data: /opt/elasticsearch
path.logs: /var/log/elasticsearch
http.port: 5200
transport.port: 5300
path.repo: /opt/elastic_snapshot

 

cluster.name: sbiuk-dev
cluster.initial_master_nodes: ['10.191.155.181', '10.191.155.182', '10.191.155.179']
discovery.seed_hosts: ['10.191.155.181', '10.191.155.182', '10.191.155.179']
network.host: 0.0.0.0
http.host: 0.0.0.0
node.master: True
node.data: True
node.ingest: True
discovery.zen.minimum_master_nodes: 2
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elasticsearch_1.p12
xpack.security.transport.ssl.truststore.path: elasticsearch_1.p12
xpack.monitoring.collection.enabled: true
4

You do not have https enable, you need to enable it if you want to stop receiving that vulnerability alert.

Check the documentation for your specific version on how to configure it.

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.