Publicly accessible Google VM instance contains critical vulnerabilities with greater than 30 days exposure time

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Unpatched vulnerabilities can increase the likelihood of exposing system weaknesses creating an entry point for attackers to gain unauthorized access to the host. This can lead to data breaches, unauthorized modifications, or control of the underlining system.

Remediation

  1. Review any associated vulnerability references or advisories.
  2. Apply the appropriate patch based on remediation guidance. If no patch is available, apply compensating controls such as disabling or removal of the vulnerable component.
  3. Assess whether this instance needs to be accessible from the internet. If not, restrict access to the instance.