admin/geedge-jira
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
44a78204e47478c17039013887fed2077df429c8
geedge-jira/md/OMPUB-593.md

42 lines
1.4 KiB
Markdown
Raw Normal View History

first
2025-09-14 21:52:36 +00:00
# TSG中开源组件被扫描到无授权访问限制
| ID | Creation Date | Assignee | Status |
|----|----------------|----------|--------|
| OMPUB-593 | 2022-08-22T19:22:45.000+0800 | 郑超 | 已关闭 |
---
网安中心WY环境扫描线上服务器上软件漏洞时发现TSG组件存在无授权和弱密钥访问用户要求修复
* 【已解决】2022年6月28日TSG21.05版本的CM的服务器上被扫描出MariaDB数据库密码存在弱口令情况。
** 与研发沟通后根据研发提供的修改文档6月30日完成网安中心TSG CM的数据库密码修改。
* 2022年8月18日TSG 21.05版本发现以下问题:
** TSG OS服务器上存在redis未授权访问漏洞
** OLAP服务器上存在zookeeper未授权访问漏洞。**zhengchao** commented on *2022-08-25T13:53:17.022+0800*:
Redis服务改为监听127.0.0.1:6379Zookeeper服务配置防火墙只授权OLAP所在服务器访问。
---
attachment link
2025-09-14 22:26:17 +00:00
# Attachments
first
2025-09-14 21:52:36 +00:00
attachment link
2025-09-14 22:26:17 +00:00
Attachment: redis问题.jpg
![redis问题.jpg](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/30634/redis问题.jpg)
first
2025-09-14 21:52:36 +00:00
attachment link
2025-09-14 22:26:17 +00:00
Attachment: zookeeper问题.jpg
![zookeeper问题.jpg](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/30635/zookeeper问题.jpg)
Attachment: zookeeper问题2.jpg
![zookeeper问题2.jpg](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/30636/zookeeper问题2.jpg)
first
2025-09-14 21:52:36 +00:00
Reference in New Issue Copy Permalink