Posted to issues@cloudstack.apache.org by "Marco Sinhoreli (JIRA)" <ji...@apache.org> on 2018/05/24 16:58:00 UTC

[jira] [Created] (CLOUDSTACK-10378) udp port 111 (rpcbind) is exposed in the public interface on SSVM

Marco Sinhoreli created CLOUDSTACK-10378:
--------------------------------------------

             Summary: udp port 111 (rpcbind) is exposed in the public interface on SSVM
                 Key: CLOUDSTACK-10378
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10378
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: SystemVM
    Affects Versions: 4.11.0.0
            Reporter: Marco Sinhoreli


If you expose the RPC/portmap udp port 111 service to the internet, everybody can query this information without having to authenticate. It can be useful to attackers to know what you have running.

Also, the RPC service has a history of security vulnerabilities.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
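
A defender-side check for the exposure described in this report, added here as an example and not taken from the issue or from CloudStack: it parses `ss -H -lun` output and reports the interface roles on which UDP port 111 is bound. The sample output, the addresses and the role names are constructed assumptions, and the check covers bind state only, not firewall rules.

```python
import ipaddress

# Constructed sample of `ss -H -lun` output (not captured from a real SSVM).
SAMPLE_SS = """\
UNCONN 0 0 0.0.0.0:111 0.0.0.0:*
UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
UNCONN 0 0 [::]:111 [::]:*
UNCONN 0 0 10.1.1.5%eth1:123 0.0.0.0:*
"""

# Assumed mapping of interface role -> address (constructed values).
SAMPLE_IFACES = {"management": "10.1.1.5", "public": "203.0.113.20"}

RPCBIND_PORT = 111


def parse_local(field):
    """Split an ss 'Local Address:Port' field into (address or None, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.split("%")[0].strip("[]")  # drop %iface scope and IPv6 brackets
    if addr == "*":                        # ss shorthand for "any address"
        return None, port
    return ipaddress.ip_address(addr), port


def rpcbind_exposure(ss_output, ifaces, port=RPCBIND_PORT):
    """Return the sorted interface roles on which UDP `port` is bound."""
    exposed = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if fields and fields[0].lower() == "udp":  # optional Netid column
            fields = fields[1:]
        if len(fields) < 4:
            continue
        addr, local_port = parse_local(fields[3])
        if local_port != str(port):
            continue
        for role, ip in ifaces.items():
            ip = ipaddress.ip_address(ip)
            # A wildcard bind covers every address of the same family;
            # a loopback bind matches no interface and is not reported.
            wildcard = addr is None or (
                addr.is_unspecified and addr.version == ip.version)
            if wildcard or addr == ip:
                exposed.add(role)
    return sorted(exposed)


if __name__ == "__main__":
    print(rpcbind_exposure(SAMPLE_SS, SAMPLE_IFACES))
```
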