Risk Level: Low
Description
This plugin guarantees that SSL Access Only component is empowered or enabled for Azure Redis Caches. SSL Access just ought to be empowered for Azure Cache for Redis to meet the association's security consistency prerequisites.
About the Service
Azure Cache for Redis:
Azure Cache for Redis is a fully managed, in-memory cache that enables high-performance and scalable architectures. Use it to create cloud or hybrid deployments that handle millions of requests per second at sub-millisecond latency—all with the configuration, security, and availability benefits of a managed service. For more information, click here.
Impact
The utilization of secure associations guarantees validation between the store server and the assistance of the application and ensures information on the way against network layer assaults, for example, man-in-the-middle (MITM), snooping, and meeting commandeering. When working with creation information, it is energetically prescribed to carry out encryption to shield it from unapproved access and satisfy consistent necessities for information encryption inside your association. For instance, a consistent necessity is to ensure delicate information that might actually distinguish a particular individual like Personally Identifiable Information (PII) information, typically utilized in Financial Services, Healthcare, and Telecommunications areas.
Steps to Reproduce
In order to determine, if SSL connection to your Azure Redis Cache is enabled, follow the steps given below:
Using Azure Console-
- Firstly, sign in to the Azure Management Console with your registered organization email address.
- Under Azure Services, choose Subscriptions.
- A new Subscription page will be opened up. Choose the subscription for which the issue has to be examined.
- Now, under All Services option, select Azure Cache for Redis nav link.
- A list of all Azure Cache for Redis will show up. Choose the name of the Redis Cache Server that you want to examine.
- In the navigation panel, under the Settings choose Advanced Settings. A new page with details of the selected cache for Redis will appear.
- On the Advanced settings page, check for the Allow access only via SSL configuration settings. In case, the value is set to be NO, then the selected Azure Redis Cache server is not enabled with an SSL connection.
- Follow the steps above, for other Redis Cache Server in the current subscription as well as in other subscriptions in your Azure Cloud.
Steps for Remediation
In order to reconfigure Azure Redis Cache servers to be enabled for the SSL connections, follow the steps given below:
Using Azure Console-
- Firstly, sign in to the Azure Management Console with your registered organization email address.
- Under Azure Services, choose Subscriptions.
- A new Subscription page will be opened up. Choose the subscription for which the issue has to be examined.
- Now, under All Services option, select Azure Cache for Redis nav link.
- A list of all Azure Cache for Redis will show up. Choose the name of the Redis Cache Server that you want to examine.
- In the navigation panel, under the Settings choose Advanced Settings. A new page with details of the selected cache for Redis will appear.
- On the Advanced settings page, check for the Allow access only via SSL configuration settings. In case, the value is set to be NO, then the selected Azure Redis Cache server is not enabled with an SSL connection.
- In order to enable SSL connection in the selected Azure Cache for Redis service, choose the YES option under Allow access only via SSL.
- Now, click on the Save button to save your current settings.
- Follow the steps above, for other Redis Cache Server in the current subscription as well as in other subscriptions in your Azure Cloud.
Please feel free to reach out to support@pingsafe.ai with any questions that you may have.
Thanks
PingSafe Support