as sdague states, memcached should not be listening on any sort of public interface, and this is covered in docs already: https://docs.openstack.org/newton/install-guide-rdo/environment- memcached.html -- You received this bug notification because you are a member of OpenStack Security, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1691662 Title: 11211 port for memcached is not certified Status in OpenStack Compute (nova): Expired Status in OpenStack Security Advisory: Won't Fix Bug description: After the user logs in to the openstack node, the data stored in memcached can be obtained with the command "memcached-tool 172.28.8.6: 11211 dump", and no authentication is required. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1691662/+subscriptions