Sean Lathan
When editing the Elasticsearch details page in ploi, clicking the save button seems to completely overwrite the elasticsearch.yml file with only the attributes found on the details page. This causes deletion of all other attributes that have been added manually via terminal such as the very critical xpack.security.enabled: true.
Since there is no confirmation popup when saving server details, it can be quite easy to click save by accident, or without knowing the security implications of doing so. Thus, the potential for accidentally removing all security from the Elasticsearch node and leaving it wide open for anyone to have full read/write access to is very high.
The preferred behavior would be keeping manually added attributes, especially critical security attributes that can lead to a data breach. An additional "nice to have" would be a field for xpack.security.enabled on the details page.
Saving Elasticsearch Details Overwrites Custom Attributes - Security Vulnerability
Dennis moved item to board Planned - 3 weeks ago
Sean Lathan moved item to project Server Level Requests - 3 weeks ago
Sean Lathan created the item - 3 weeks ago
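The difference between the reported full overwrite and a save that merges into the existing file, as an added example that is not part of the original post and is not ploi's code. It assumes elasticsearch.yml uses flat dotted keys (nested YAML is not handled), and the set of panel-managed fields and all sample values are constructed.

```python
import re

# Top-level "dotted.key: value" line; commented or indented lines do not match.
KEY_LINE = re.compile(r"^([A-Za-z0-9_.\-]+)\s*:\s*(.*?)\s*$")

def parse_flat(text):
    """Return {key: value} for uncommented, top-level flat settings."""
    found = (KEY_LINE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in found if m}

def overwrite(managed):
    """The reported behaviour: the file is rebuilt from the panel's fields only."""
    return "".join(f"{k}: {v}\n" for k, v in managed.items())

def merge_settings(existing_text, managed):
    """Update managed keys in place, append new ones, keep every other line."""
    remaining = dict(managed)
    out = []
    for line in existing_text.splitlines():
        m = KEY_LINE.match(line)
        if m and m.group(1) in remaining:
            out.append(f"{m.group(1)}: {remaining.pop(m.group(1))}")
        else:
            out.append(line)  # comments, blanks, manually added settings
    out.extend(f"{k}: {v}" for k, v in remaining.items())
    return "\n".join(out) + "\n"

def dropped_keys(before_text, after_text, managed):
    """Settings present before the save, gone after, and not owned by the panel."""
    before, after = parse_flat(before_text), parse_flat(after_text)
    return sorted(k for k in before if k not in after and k not in managed)

# Constructed sample: a file carrying one manually added security setting.
EXISTING = """# edited by hand
cluster.name: prod
network.host: 127.0.0.1
xpack.security.enabled: true
"""
# Hypothetical set of fields the details page manages (assumption).
MANAGED = {"cluster.name": "prod-search", "network.host": "127.0.0.1",
           "http.port": "9200"}

if __name__ == "__main__":
    print("overwrite drops:", dropped_keys(EXISTING, overwrite(MANAGED), MANAGED))
    merged = merge_settings(EXISTING, MANAGED)
    print("merge drops:    ", dropped_keys(EXISTING, merged, MANAGED))
```

A non-empty result from `dropped_keys` is the condition a save routine could use to refuse the write or ask for confirmation.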