#967 Equitas || Insight Viz not loading






Solution Document


VuSmartmaps Not Loading

Overview

General/Customer specific

General

Author

XYZ

Reviewer

Seema

Approver

 Ravi 

Release date

13/09/2021

Product Version

8.X and 7.X


Audience: CSG/TechWarriors/PAC/Platform/Product teams


What’s the Issue? 

Vulnerability fixes required in Equitas:

  1. Redis Server Unprotected by Password Authentication
  2. Apache mod_status /server-status Information Disclosure
  3. Elasticsearch Unrestricted Access Information Disclosure

Describe the Issue in Detail





Solution Summary


Solution Steps in Detail

Redis Server Unprotected by Password Authentication  

Issue: Redis was exposed to everyone, so anyone who could reach it could read all the details it holds.

Solution: Restrict access. We have removed Redis access from the host machine as well as from localhost. The port will be accessible only through containers.

Action: Removed the port from the 4_redis.yml file.


Apache mod_status /server-status Information Disclosure 

Issue: When server-status is exposed, a remote unauthenticated attacker can obtain an overview of the remote Apache web server's activity and performance by requesting the URL '/server-status'. This overview includes information such as current hosts and requests being processed, the number of workers idle and service requests, and CPU utilization.

Solution: Remove server-status from the mod-status.conf file of apache2.


Action: Perform the steps below.

  1. Log in to vuinterface-1:

    vsmaps login vuinterface-1
  2. Open the file /etc/apache2/mods-enabled/status.conf and comment out the line below.


  3. Then save it and restart the vuinterface container.

Elasticsearch Unrestricted Access Information Disclosure

Issue:  The Elasticsearch application running on the remote web server is affected by an information disclosure vulnerability due to a failure to restrict resources via authentication. An unauthenticated, remote attacker can exploit this to disclose sensitive information from the database.

Solution: Block all unauthenticated and remote access. To do this we have blocked all remote access. Elasticsearch will be accessible only through localhost and the container.

Action: Run the line below on all the servers where Elasticsearch is running.
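
To confirm the three fixes above from a machine outside the servers, a check such as the following can be used. It is an added example, not part of the original solution steps and not the command referred to above; ports 6379, 80 and 9200 and the response markers are assumed defaults, not values from this document.

```python
# Added example: re-check the three findings from a machine outside the servers.
# Ports 6379, 80 and 9200 are assumed defaults, not values taken from this document.
import http.client
import socket
import sys
import urllib.error
import urllib.request

def redis_reply(host, port=6379, timeout=3.0):
    """Send an unauthenticated PING; return the raw reply, or None if unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"PING\r\n")
            return s.recv(256)
    except OSError:
        return None

def http_reply(url, timeout=3.0):
    """GET url; return (status, body), or None if nothing accepts the connection."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as r:
            return r.status, r.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:      # 401/403/404: reachable but refused
        return e.code, ""
    except http.client.HTTPException:        # something answered, but not valid HTTP
        return 0, ""
    except OSError:                          # refused, filtered or timed out
        return None

def redis_finding(reply):
    """Classify the reply to an unauthenticated PING."""
    if reply is None:
        return "unreachable"                 # port no longer published on the host
    if reply.startswith(b"+PONG"):
        return "EXPOSED"                     # answered without a password
    return "reachable-refused"               # e.g. a -NOAUTH or -DENIED error reply

def http_finding(resp, marker):
    """EXPOSED only when the page is served (200) and contains the service's marker."""
    if resp is None:
        return "unreachable"
    return "EXPOSED" if resp[0] == 200 and marker in resp[1] else "not-exposed"

if __name__ == "__main__":
    host = sys.argv[1]                       # a server you administer
    print("redis        ", redis_finding(redis_reply(host)))
    print("server-status", http_finding(http_reply(f"http://{host}/server-status"), "Apache Server Status"))
    print("elasticsearch", http_finding(http_reply(f"http://{host}:9200/"), '"cluster_name"'))
```

After the fixes, Redis and Elasticsearch should report "unreachable" and server-status should report "not-exposed" when run from a remote machine.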



Corrective actions if any to avoid in future

  1. No


More Help: -


References


