Note: The Transport Port in Elasticsearch is disabled by default. The security vulnerability in Elasticsearch released prior to 1.6.1 does not affect the default Recovery Manager for Exchange (RME) deployment as the Elasticsearch transport port is not being used by RME.
If you do not have Exchange Database (.edb) indexing enabled, or you are not using an Exchange Database (.edb) as Source Storage at all, you can safely stop and disable the Elasticsearch 1.5.0(elasticsearch_rmex2) service from Services.msc to ensure the Transport Port in Elasticsearch will never be activated, even though RME does not use it.
The "Find" (search) function in Recovery Manager for Exchange will still work as it has implementation not based on indexing and elasticsearch.
STATUS
Waiting for fix in version 5.8.3. In Recovery Manager for Exchange 5.8.3 Elasticsearch has been updated to 1.6.0 to resolve the security vulnerability.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center