Network misconfigurations

Elasticsearch is not using HTTPS

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Elasticsearch is not running with HTTPS. HTTPS uses TLS to encrypt client connections and those between different components of the Elastic stack (Logstash, Kibana, Elasticsearch). Without TLS, you run the risk of eavesdropping and man-in-the-middle attacks.
  • Recommended Mitigation

    Use HTTPS to encrypt communication with clients and between different components of the Elastic stack. Encryption is necessary to prevent man-in-the-middle attacks and data leakage.