Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: 831cb76b8e05df46aa22915eba889938cf8b80a6cf8b80a6cf8b80a6cf8b80a6
Indices: 2, document count: 4676, size: 4.6 MB Found index kibana_sample_data_ecommerce with 4675 documents (4.5 MB) Found index users with 1 documents (5.0 kB)
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: 831cb76b8e05df46aa22915e0e74addedd6d4eb80b467d260b467d260b467d26
Indices: 2, document count: 4676, size: 4.6 MB Through Kibana endpoint Found index kibana_sample_data_ecommerce with 4675 documents (4.5 MB) Found index users with 1 documents (5.0 kB)
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa720f377ffacbffd0497e7440497e7440497e7440
NoAuth Found topic __transaction_state Found topic my-topic Found topic __consumer_offsets