Hi Team, I have installed Prometheus 3.2.1 with JMX Exporter on a few machines where my java based applications (Jira Confluence) are running. After a few days, my Org identified the endpoints of Prometheus as Vulnerable for attacks as they transfer sensitive information like CPU, Memory and other machine statistics via the port (9090 in my case ) I have assigned for Prometheus Service.
Have anyone faced this before and what was the remediation action you took, but still using your Prometheus on the same port ? Thanks! Vhee Van -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-users+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/prometheus-users/019e76e2-566f-415a-aee7-ca56c945601en%40googlegroups.com.
