TF 0461 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Elasticsearch domain isn't encrypted at rest.
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | elastic-search |
| Provider | AWS |
| Vulnerability Type | omission |
Description
You should ensure your Elasticsearch data is encrypted at rest to help prevent sensitive information from being read by unauthorised users.
Resolution
Enable ElasticSearch domain encryption