
Issue: Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253.



Solution: Users that do not want to upgrade can address the vulnerability by securing the transport protocol port (default 9300) to allow access by only trusted agents.

Query: How can we secure the transport protocol port [default 9300] where ElasticSearch and the ARIS application are running on the same server?

http://www.nessus.org/u?c6b6cf1a

by André Vitor Oliveira
Posted on Thu, 01/09/2020 - 20:03

Hi Anushik,

Which ARIS version do you have? This is important to know.

For example, for ARIS 10 SR1, the Elasticsearch provided with ARIS is ElasticSearch version 5.6.10.



BR



AO

0
by Anushik Soni Author
Posted on Fri, 01/10/2020 - 09:09

In reply to by André Vitor

Hi Andre Vitor Oliveira,

Thanks for your response. We have ARIS version 9.8.10. Please let us know if anything else is required from our end.

0
by André Vitor Oliveira
Posted on Mon, 01/13/2020 - 18:00

Hi Anushik,

I'm checking the information and will update you soon

BR

AO

0
by André Vitor Oliveira
Posted on Tue, 01/14/2020 - 13:24

Hi Anushik

ARIS 9.8.10 uses elasticsearch 1.7.5, and this version is higher than the version with the related issue, which means the issue was fixed in this version, but you can confirm with nessus.org

BR

AO

0
by Anushik Soni Author
Posted on Tue, 01/14/2020 - 15:23

Hello Andre,

Thanks for your response.

The installed version of ElasticSearch is 1.4.2
The required version for removing the vulnerability is either 1.6.1 or 1.7.0

Now we do not want to upgrade the ElasticSearch or ARIS application.

However, this vulnerability can also be removed by securing the transport protocol port [9300].

We want to remove the vulnerability following the alternative approach, i.e. securing the transport protocol port [9300].

Can you please guide us through the process to achieve the same?

0
by André Vitor Oliveira
Posted on Thu, 01/16/2020 - 14:12

Hi Anushik,
ARIS 9.8.10 uses elasticsearch 1.7.5; where did you find the "1.4.2"?
 

BR

AO

0
by Anushik Soni Author
Posted on Mon, 01/20/2020 - 13:38

Hello Andre,

Can you help us with how to identify the elasticsearch version in the ARIS application?

That may be of help for us.

We will follow your steps to identify the version installed.

0
by André Vitor Oliveira
Posted on Wed, 01/22/2020 - 14:46

Hi Anushik,
Please check using this URL: http://localhost:19976/ (on the server), or http://<servername>:19976, and you will see the version number.

BR
AO

0
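A defender-side check for the two facts this thread turns on, added here as an example and not part of any post or of ARIS or Elasticsearch code: it reads `version.number` from the JSON a node returns at its HTTP root (the URL given in the post above), compares it with the 1.6.1 threshold from the advisory, and tests whether the transport port accepts TCP connections from the machine running the check. The sample response is constructed, and all function names are hypothetical.

```python
import json
import socket

FIXED_VERSION = (1, 6, 1)  # versions prior to this are affected, per the advisory
TRANSPORT_PORT = 9300      # default transport port, per the advisory

# Constructed sample of the JSON an Elasticsearch 1.x node returns at its HTTP root.
SAMPLE_ROOT_RESPONSE = """{
  "status": 200,
  "name": "constructed-node",
  "version": {"number": "1.4.2"},
  "tagline": "You Know, for Search"
}"""

def parse_version(root_json):
    """Return version.number from the root response as a tuple of ints."""
    number = json.loads(root_json)["version"]["number"]
    parts = []
    # Stop at the first non-numeric piece (e.g. "-SNAPSHOT", ".Beta1").
    for piece in number.split("-")[0].split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    if not parts:
        raise ValueError("no numeric version in %r" % number)
    return tuple(parts)

def is_affected(version):
    """True when the version is older than the first fixed release."""
    padded = tuple(version) + (0,) * (3 - len(version))
    return padded[:3] < FIXED_VERSION

def port_accepts(host, port=TRANSPORT_PORT, timeout=2.0):
    """True when a TCP connection to host:port succeeds from this machine."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def assess(root_json, probe_hosts, port=TRANSPORT_PORT):
    """Summarise version status and which probed addresses reach the port."""
    version = parse_version(root_json)
    reachable = [h for h in probe_hosts if port_accepts(h, port)]
    return {"version": version, "affected": is_affected(version), "reachable": reachable}

if __name__ == "__main__":
    print(assess(SAMPLE_ROOT_RESPONSE, ["127.0.0.1"]))
```

Run it from a machine that is not meant to be a trusted agent, passing the server's address in `probe_hosts`; once the port is restricted, `reachable` should come back empty.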
by Anushik Soni Author
Posted on Thu, 01/23/2020 - 20:42

Hello ,

We have gone through the version and it is 1.4.2.

Can you also help us to identify the ARIS version on the server?

0
by André Vitor Oliveira
Posted on Fri, 01/24/2020 - 21:36

Hi

Sure, please check this log:

server\bin\work\work_abs_s\base\webapps\abs\log\server.log
And the line "start server:  x x x x x"

Let me know

BR

AO

0
by Anushik Soni Author
Posted on Sun, 01/26/2020 - 10:18

This is what we got from the location shared by you.

It seems the version we have is 9.8.

Also, can you please share your contact number or Skype ID with us so that we can contact you once and help you understand the issue, and you can provide us the solution if possible?

 

0
by André Vitor Oliveira
Posted on Wed, 01/29/2020 - 21:56

Hi  Anushik,

Sure, provide me your skype user id and I will find you.


BR

AO

0
