ElastiCache Using Default Port
- Query id: 7cc6c791-5f68-4816-a564-b9b699f9d26e
- Query name: ElastiCache Using Default Port
- Platform: Ansible
- Severity: Low
- Category: Networking and Firewall
- URL: Github
Description¶
ElastiCache should not use the default port (an attacker can easily guess the port). For engine set to Redis, the default port is 6379. The Memcached default port is 11211
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: Basic example
community.aws.elasticache:
name: "test-please-delete"
state: present
engine: memcached
cache_engine_version: 1.4.14
node_type: cache.m1.small
num_nodes: 1
cache_port: 11211
cache_subnet_group: default
zone: us-east-1d
Positive test num. 2 - yaml file
- name: Basic example2
community.aws.elasticache:
name: "test-please-delete"
state: present
engine: redis
cache_engine_version: 1.4.14
node_type: cache.m1.small
num_nodes: 1
cache_port: 6379
cache_subnet_group: default
zone: us-east-1d