Bitnami's security team has reviewed our image library. As a result, we have confirmed that Bitnami virtual machines and single-VM cloud images are not vulnerable to this attack because they do not expose Elasticsearch publicly by default; Elasticsearch is proxied through Apache with authentication.
One Bitnami listing, "Elasticsearch Cluster" on Microsoft Azure, was found to be vulnerable. This listing was removed earlier this week and we are notifying the small number of users who may have installations based on the affected template.
Since the scale of the attack appears to be growing, we recommend that all users of Bitnami Elasticsearch on all cloud platforms check that their installations are secure. Deployments that were secure at launch may have been accidentally opened to the Internet by changing the default configuration.
Since the scale of the attack appears to be growing, we recommend that all users of Bitnami Elasticsearch on all cloud platforms check that their installations are secure. Deployments that were secure at launch may have been accidentally opened to the Internet by changing the default configuration.
We recommend that you immediately ensure that your Elasticsearch is not exposed to the public internet by reviewing:
a) Inbound firewall rules prevent traffic to ports 9200-9300 from the Internet
or
b) Moving any Elasticsearch deployments to private networks
How to restrict access to port 9200 on Microsoft Azure:
1. Login to Microsoft Azure Portal.
2. Using the left hand navigation bar, go to “Resource groups”.
3. Select the resource group your Elasticsearch Cluster application is located in.
4. Select the "Network Security Group" to edit the properties.
a) Inbound firewall rules prevent traffic to ports 9200-9300 from the Internet
or
b) Moving any Elasticsearch deployments to private networks
How to restrict access to port 9200 on Microsoft Azure:
2. Using the left hand navigation bar, go to “Resource groups”.
3. Select the resource group your Elasticsearch Cluster application is located in.
4. Select the "Network Security Group" to edit the properties.
6. Click the blue “Save” button at the top of the window.
If you have been affected by this attack or need additional help updating your Bitnami Elasticsearch, please contact us directly through our Helpdesk and we will do our best to assist you. https://bitnami.zendesk.com/hc/en-us.