-
Title
Is Recovery Manager for Exchange impacted by the Elasticsearch 1.5.0 security vulnerability ? -
Description
Elasticsearch component version 1.5.0 has been identified as a security risk. Is Recovery Manager for Exchange impacted by this vulnerability? -
Resolution
WORKAROUNDNote: The Transport Port in Elasticsearch is disabled by default. The security vulnerability in Elasticsearch released prior to 1.6.1 does not affect the default Recovery Manager for Exchange (RME) deployment as the Elasticsearch transport port is not being used by RME.
If you do not have Exchange Database (.edb) indexing enabled, or you are not using an Exchange Database (.edb) as Source Storage at all, you can safely stop and disable the Elasticsearch 1.5.0(elasticsearch_rmex2) service from Services.msc to ensure the Transport Port in Elasticsearch will never be activated, even though RME does not use it.
The "Find" (search) function in Recovery Manager for Exchange will still work as it has implementation not based on indexing and elasticsearch.
STATUS
Waiting for fix in version 5.8.3. In Recovery Manager for Exchange 5.8.3 Elasticsearch has been updated to 1.6.0 to resolve the security vulnerability.
-
Defect ID
RMEX-356 -
Additional Information
https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736