Important Advisory: PagerDuty Process Automation On Prem / Rundeck Key Pair Misconfiguration

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/Rundeck

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
  • Rundeck

    Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

    Yesterday we posted a Security Advisory to Github for a critical vulnerability in Rundeck Community and Rundeck Enterprise Docker images, versions 4.0 and earlier. Those Docker images contained a pre-generated SSH key pair in the default file path. If that key was used to configure SSH access to hosts, they would allow access to anyone with the exposed private key.

  • affected-keys-checks

    Collection of remediation options for exposed key vulnerabilities

    If you think you may be impacted, use one of these options to scan your hosts for the exposed keys, delete any you find, and replace them with a new SSH key pair. You can find more information about the issue and resources for remediation here.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts