Google > VPC Network >

Open Elasticsearch

HIGH

Source

CloudSploit

ID

open-elasticsearch

management console

Open Elasticsearch

Determines if TCP ports 9200, 9300 for Elasticsearch are open to the public

Databases are the placeholders for most sensitive and confidential information in an organization. Allowing Inbound traffic from external IPv4 addresses to the database ports can lead to attacks like DoS, Brute Force, Smurf and reconnaissance. It is a best practice to block public access, and restrict the Inbound traffic from specific addresses and make the connection secure.

Recommended Actions

Restrict TCP ports 9200, 9300 to known IP addresses.

Links

https://cloud.google.com/vpc/docs/using-firewalls

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use