https://community.netapp.com/t5/NetApp-Console/Redis-vulnerability-against-Classification-VM/m-p/458096#M728 <P>Hi team,</P><P>&nbsp;</P><P>We've deployed a private mode BlueXP Connector and Data Classification VMs to test the Data Classification product against one of our QA filers (sanqanascl100d). Our security team have run a Qualys scan against the Connector and Data Classification VMs. They have reported a redis vulnerability against the BlueXP Connector VM (hostname:sanadmbxp0001d) - specifically, "Redis Server Accessible Without Authentication detected on port 63791 over TCP". I've had a look at the containers running on the Connector VM and there's a Redis server running on a container called "ds_cc_charger_1".</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Pedrol_0-1738146177537.png" style="width: 400px;"><img src="https://community.netapp.com/t5/image/serverpage/image-id/29857iEA4B56E98EFBA6B0/image-size/medium?v=v2&amp;px=400" role="button" title="Pedrol_0-1738146177537.png" alt="Pedrol_0-1738146177537.png" /></span></P><P>&nbsp;</P><P>There is a redis server running in a container called&nbsp;ds_cc_charger_1 running from an image called&nbsp;<A href="https://urldefense.com/v3/__http:/cloudmanagerinfra.azurecr.io/cc_charger_app_and_redis:darksite__;!!Nhn8V6BzJA!VSwnaBPjXaM7n8WUdFwroT9NQQhaZgxSSKkAM2YRMknpKggAyH2Af5moMj8Ez6N2Z8N3sq5AaFw9Zpr4mHDVbdvFq0U$" target="_blank">cloudmanagerinfra.azurecr.io/cc_charger_app_and_redis:darksite</A> which is listening on port 63791:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Pedrol_1-1738146209068.png" style="width: 400px;"><img src="https://community.netapp.com/t5/image/serverpage/image-id/29858iF65A0B0EB34C1F18/image-size/medium?v=v2&amp;px=400" role="button" title="Pedrol_1-1738146209068.png" alt="Pedrol_1-1738146209068.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P><P>the Qualys Vulnerability&nbsp;Scanning tool that has picked this up.</P><P>I have to either get the reported vulnerability remediate or provide an explanation as to what the risk is and how big it is from a security point of view. It may require some kind of config change to be done on redis to alleviate this.</P><P>Support case&nbsp;2010284575&nbsp;</P> Wed, 29 Jan 2025 10:24:53 GMT Pedrol 2025-01-29T10:24:53Z https://community.netapp.com/t5/NetApp-Console/Redis-vulnerability-against-Classification-VM/m-p/458096#M728 <P>Hi team,</P><P>&nbsp;</P><P>We've deployed a private mode BlueXP Connector and Data Classification VMs to test the Data Classification product against one of our QA filers (sanqanascl100d). Our security team have run a Qualys scan against the Connector and Data Classification VMs. They have reported a redis vulnerability against the BlueXP Connector VM (hostname:sanadmbxp0001d) - specifically, "Redis Server Accessible Without Authentication detected on port 63791 over TCP". I've had a look at the containers running on the Connector VM and there's a Redis server running on a container called "ds_cc_charger_1".</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Pedrol_0-1738146177537.png" style="width: 400px;"><img src="https://community.netapp.com/t5/image/serverpage/image-id/29857iEA4B56E98EFBA6B0/image-size/medium?v=v2&amp;px=400" role="button" title="Pedrol_0-1738146177537.png" alt="Pedrol_0-1738146177537.png" /></span></P><P>&nbsp;</P><P>There is a redis server running in a container called&nbsp;ds_cc_charger_1 running from an image called&nbsp;<A href="https://urldefense.com/v3/__http:/cloudmanagerinfra.azurecr.io/cc_charger_app_and_redis:darksite__;!!Nhn8V6BzJA!VSwnaBPjXaM7n8WUdFwroT9NQQhaZgxSSKkAM2YRMknpKggAyH2Af5moMj8Ez6N2Z8N3sq5AaFw9Zpr4mHDVbdvFq0U$" target="_blank">cloudmanagerinfra.azurecr.io/cc_charger_app_and_redis:darksite</A> which is listening on port 63791:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Pedrol_1-1738146209068.png" style="width: 400px;"><img src="https://community.netapp.com/t5/image/serverpage/image-id/29858iF65A0B0EB34C1F18/image-size/medium?v=v2&amp;px=400" role="button" title="Pedrol_1-1738146209068.png" alt="Pedrol_1-1738146209068.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P><P>the Qualys Vulnerability&nbsp;Scanning tool that has picked this up.</P><P>I have to either get the reported vulnerability remediate or provide an explanation as to what the risk is and how big it is from a security point of view. It may require some kind of config change to be done on redis to alleviate this.</P><P>Support case&nbsp;2010284575&nbsp;</P> Wed, 29 Jan 2025 10:24:53 GMT https://community.netapp.com/t5/NetApp-Console/Redis-vulnerability-against-Classification-VM/m-p/458096#M728 Pedrol 2025-01-29T10:24:53Z https://community.netapp.com/t5/NetApp-Console/Redis-vulnerability-against-Classification-VM/m-p/458293#M730 <P>Hello Pedro,&nbsp;</P><P>I believe you have opened a BlueXP Service discussion instead of a Security KX discussion. Please search for "Security KX Discussion" in the search bar and open a new discussion to reach out to Ryan and Team for further assistance on the vulnerabilities observed in the BlueXP Connector. Also, please try to get the Qualys scanner report so that the same can be attached to the Security KX discussion that you will be opening.&nbsp;<BR /><BR />Reference:&nbsp;<A href="https://community.netapp.com/t5/Security-KX-Discussions/bd-p/security-kx-discussions-and-documents" target="_blank">Security KX Discussions - NetApp Community</A></P> Wed, 05 Feb 2025 11:21:37 GMT https://community.netapp.com/t5/NetApp-Console/Redis-vulnerability-against-Classification-VM/m-p/458293#M730 Adithya_Kameswaran 2025-02-05T11:21:37Z