CVE-2021-23017 issue for services running behind Network load balancer

0

We have a couple of services running on EKS Fargate, accessible from the internet via network load balancers.

We have recently conducted external penetration testing as part of our compliance process. It identified that the network load balancer is using nginx v1.20, which is subject to a security issue, CVE-2021-23017 (https://alas.aws.amazon.com/cve/html/CVE-2021-23017.html#score-breakdown). This issue has been fixed in v1.20.1.

Is there a patch that has been applied to the network load balancer to fix CVE-2021-23017, or any mitigation we can do to overcome this from the client (our) side?

Could anyone provide any pointers for me to gather more information in order to make an assessment of the severity level?

I searched the forum but only found a few posts about this issue with regard to Elastic Beanstalk, nothing about the network load balancer.

Thank you.

Edited by: yybc9a3 on Nov 26, 2021 3:27 AM

Edited by: yybc9a3 on Nov 26, 2021 3:31 AM

yybc9a3
asked 2 years ago, 304 views
1 Answer
0

Turned out that it was a massive oversight... We did run a small nginx container after the network load balancer...
Problem solved.

Edited by: yybc9a3 on Nov 26, 2021 6:24 AM

yybc9a3
answered 2 years ago
