cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vulnerability on Dynatrace servers - Enable native user authentication - |Ticket No - SUP-75521

osadmin
Newcomer

Hi Team,

Elasticsearch Unrestricted Access Information Disclosure
Description VA-
The Elasticsearch application running on the remote web server is affected by an information disclosure vulnerability due to a failure to restrict resources via authentication. An unauthenticated, remote attacker can exploit this to disclose sensitive information from the database.
PORT - 9200

Requirement - Pre request for LDAP configuration for user authentication

As per auditor request to close this VA
Enable native user authentication or integrate with an external user management system such as LDAP and Active Directory.

Request you to please share SOP for the same.

1 REPLY 1

ChadTurner
Leader

@osadmin do you still need assistance with this? 

-Chad