Elasticsearch domain uses plaintext traffic for node to node communication.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | elastic-search |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
Elasticsearch domains should use encrypted communication between nodes to ensure the confidentiality and integrity of data as it is transmitted. Using plaintext traffic exposes the communication to interception.
Impact#
Plaintext communication between Elasticsearch nodes exposes sensitive data to potential eavesdropping, leading to unauthorized access or data breaches.
Resolution#
Enable encrypted node to node communication