Unauthorized Access Vulnerability in TiCDC Swagger API

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: TiCDC Swagger API 未授权访问漏洞

| username: TiDBer_CQ

TiCDC Swagger API unauthorized access vulnerability, experts, do you have any solutions?

| username: tidb菜鸟一只

Did you upgrade? Swagger is disabled by default after TiDB 5. Could it be that TiDB is disabled but TiCDC is not…

| username: TiDBer_CQ

It’s not an upgrade. Can it be disabled in the configuration file?

| username: tidb菜鸟一只

It doesn't seem possible; you would need to recompile… Can you block this port through the firewall to prevent leakage scanning?

| username: redgame

It’s better to block it with a firewall; that’s what we do here.

| username: 大飞哥online

Set up the firewall.
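
The firewall approach suggested in the replies above, as an added example that is not part of the original thread: instead of closing the port outright, allow-list the hosts that still need the TiCDC HTTP endpoint (other TiCDC nodes, the management host) and drop everything else. Assumptions: port 8300 is the TiCDC default listen port, the chain name `TICDC_API` is hypothetical, and the source addresses are constructed sample values.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules that allow-list the TiCDC port.
# Assumptions: 8300 = TiCDC default port; TICDC_API = hypothetical chain name;
# the source addresses at the bottom are constructed sample values.

ticdc_fw_rules() {
    port=${1:-}
    [ "$#" -gt 0 ] && shift

    # Port must be a decimal number in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "invalid port: $port" >&2; return 1; }

    # Refuse to emit a bare DROP: with no trusted sources, the other TiCDC
    # nodes and the management host would lose access as well.
    [ "$#" -gt 0 ] || { echo "no trusted sources given" >&2; return 1; }

    # Validate every source (IPv4 address or CIDR) before emitting anything,
    # so a bad argument never yields a half-written rule set.
    for src in "$@"; do
        if ! printf '%s\n' "$src" | grep -Eq \
            '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'; then
            echo "invalid source: $src" >&2; return 1
        fi
    done

    # Dedicated chain: ACCEPT rules first, catch-all DROP last.
    echo "iptables -N TICDC_API"
    echo "iptables -A TICDC_API -i lo -j ACCEPT"
    for src in "$@"; do
        echo "iptables -A TICDC_API -s $src -j ACCEPT"
    done
    echo "iptables -A TICDC_API -j DROP"
    # Hook the chain into INPUT only after it is fully populated.
    echo "iptables -I INPUT -p tcp --dport $port -j TICDC_API"
}

# Review the printed rules, then run them as root on each TiCDC host.
ticdc_fw_rules 8300 10.0.1.0/24 10.0.2.15
```

After applying the rules, request the Swagger page from a host outside the allow-list to confirm the connection is dropped, and from a TiCDC peer to confirm changefeed management still works.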