A network security audit on a customer infrastructure reported a vulnerability on the cerebro http (port 2020) who is open on http in every CVM and without any security prompt.
Some sensitives informations are visible :
- AOS version : el7.3-release-euphrates-5.10.7-stable-...
- VM Names
- Protection Domain names
- Witness ip address
Is there’s a way to secure this component ?
Best answer by sbarab