Security Group Elasticsearch (9300) Port Open to Public

Tenacity Id

Risk Level

Categories

security-group-011

4

Last Updated:

April 21, 2022

An unused AWS Security Group allows public access to the Elasticsearch port (9300). Public access to this port could expose data to unauthorized or unintended applications, users, or malicious actors. Unused Security Groups should be removed, or if re-assigned, remove or restrict the inbound rule allowing Elasticsearch (port 9300) in this Security Group.