KICS Security Scan #18
tbauriedelAnnotations
10 warnings
|
[HIGH] Passwords And Secrets - Generic Password:
molecule/elasticstack_default/converge.yml#L21
Query to find passwords and secrets in infrastructure code.
|
|
[HIGH] Passwords And Secrets - Generic Password:
molecule/elasticsearch_test_modules/converge.yml#L53
Query to find passwords and secrets in infrastructure code.
|
|
[MEDIUM] Communication Over HTTP:
roles/elasticsearch/tasks/main.yml#L276
Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks
|
|
[MEDIUM] Communication Over HTTP:
molecule/elasticsearch_no-security/verify.yml#L14
Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks
|
|
[MEDIUM] Communication Over HTTP:
molecule/elasticsearch_no-security/verify.yml#L27
Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks
|
|
[LOW] Unpinned Package Version:
roles/beats/tasks/metricbeat.yml#L72
Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service
|
|
[LOW] Unpinned Package Version:
roles/beats/tasks/metricbeat.yml#L45
Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service
|
|
[LOW] Unpinned Package Version:
roles/beats/tasks/auditbeat.yml#L71
Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service
|
|
[LOW] Unpinned Package Version:
molecule/elasticstack_default/prepare.yml#L49
Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service
|
|
[LOW] Unpinned Package Version:
roles/beats/tasks/filebeat.yml#L70
Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service
|