当前位置:网站首页>Fix vulnerability - mysql, ES
Fix vulnerability - mysql, ES
2022-07-05 18:06:00 【Long Cheng Leo】
One 、 Vulnerability description
Use Green Alliance Scan for leaks :
1、Elasticsearch Unauthorized access
2、mysql server Security vulnerabilities 、 Component security vulnerability
Two 、 Vulnerability investigation
Through the website National Information Security Vulnerability Database View specific vulnerability solutions
1、Elasticsearch You need to add a security authentication plug-in http-basic
because es Version together , The use of http-basic It's not the same way , With my es 6.8.23 For example :
http-basic Download package :
link :https://pan.baidu.com/s/1E_ckdsjnlmUszsSFq_i1AA
Extraction code :zbfn
2、mysql The version of is too low , Change to a higher version
8.0.28 This exists in previous versions CVE-2021-22570 Loophole , at present mysql The latest is 8.0.29 edition , So upgrade mysql To 29 On the version
边栏推荐
- Find the first k small element select_ k
- [paddleclas] common commands
- LeetCode每日一题:合并两个有序数组
- 深拷贝与浅拷贝【面试题3】
- 小林coding的内存管理章节
- Generate XML schema from class
- 第十一届中国云计算标准和应用大会 | 华云数据成为全国信标委云计算标准工作组云迁移专题组副组长单位副组长单位
- OpenShift常用管理命令杂记
- IDC report: Tencent cloud database ranks top 2 in the relational database market!
- 较文心损失一点点性能提升很多
猜你喜欢
ISPRS2022/雲檢測:Cloud detection with boundary nets基於邊界網的雲檢測
Sophon KG升级3.1:打破数据间壁垒,解放企业生产力
pytorch yolov5 训练自定义数据
「运维有小邓」用于云应用程序的单点登录解决方案
Zabbix
GFS分布式文件系统
Sophon kg upgrade 3.1: break down barriers between data and liberate enterprise productivity
Binder开辟线程数过多导致主线程ANR异常
Anaconda中配置PyTorch环境——win10系统(小白包会)
mybash
随机推荐
Teamcenter 消息注册前操作或後操作
破解湖+仓混合架构顽疾,星环科技推出自主可控云原生湖仓一体平台
Zabbix
Star Ring Technology launched transwarp Navier, a data element circulation platform, to help enterprises achieve secure data circulation and collaboration under privacy protection
JVM third talk -- JVM performance tuning practice and high-frequency interview question record
Isprs2022 / Cloud Detection: Cloud Detection with Boundary nets Boundary Networks Based Cloud Detection
苹果手机炒股安全吗?打新债是骗局吗?
Tencent music launched its new product "quyimai", which provides music commercial copyright authorization
About Estimation with Cross-Validation
Maximum artificial island [how to make all nodes of a connected component record the total number of nodes? + number the connected component]
Sophon Base 3.1 推出MLOps功能,为企业AI能力运营插上翅膀
Introduction to Resampling
OpenShift常用管理命令杂记
Find the first k small element select_ k
GFS分布式文件系统
2022新版PMP考试有哪些变化?
基于YOLOv3的口罩佩戴检测
EasyCVR接入设备开启音频后,视频无法正常播放是什么原因?
「运维有小邓」用于云应用程序的单点登录解决方案
Sophon base 3.1 launched mlops function to provide wings for the operation of enterprise AI capabilities