https://bugzilla.redhat.com/show_bug.cgi?id=1244236
Kurt Seifried kseifried@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=important,public=201 |impact=important,public=201 |50716,reported=20150717,sou |50716,reported=20150717,sou |rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N |/AC:M/Au:N/C:P/I:P/A:P,fedo |/AC:M/Au:N/C:P/I:P/A:P,fedo |ra-all/elasticsearch=affect |ra-all/elasticsearch=affect |ed,rhn_satellite_6/elastics |ed,rhn_satellite_6/elastics |earch=affected,sam-1/elasti |earch=wontfix,sam-1/elastic |csearch=affected |search=wontfix
--- Comment #3 from Kurt Seifried kseifried@redhat.com --- Mitigation:
For Satellite 6.x and Sam 1.x you can simply firewall elasticsearch to trusted users only (e.g. root, katello, foreman). For instructions on this please see:
https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.0/html-sin...