Solr 8.4.1
tcp/8983
Solr administration interface is currently open without authentication.
This results in all the database data made available publicly and configuration vulnerable to external alteration.
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999cb26179e2d62e425a7ca14b7
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core trending_rec with 206 documents Found core user_rec with 9375 documents Found core video_rec with 0 documents Found core content_rec with 308 documents Found core news_crawl with 0 documents Found core news_rec with 0 documents
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999f21be5e59fe3890c622d5331
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core news_crawl with 0 documents Found core news_rec with 0 documents Found core trending_rec with 206 documents Found core user_rec with 9375 documents Found core video_rec with 0 documents Found core content_rec with 308 documents
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999d1633d10e695db936e8bc1b5
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core user_rec with 9375 documents Found core video_rec with 0 documents Found core content_rec with 308 documents Found core news_crawl with 0 documents Found core news_rec with 0 documents Found core trending_rec with 206 documents
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999df6eb9b976ac78858ff90cd1
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core content_rec with 308 documents Found core news_crawl with 0 documents Found core news_rec with 0 documents Found core trending_rec with 206 documents Found core user_rec with 9375 documents Found core video_rec with 0 documents
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999f8b55548485f34d3b35a29f9
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core news_rec with 0 documents Found core trending_rec with 206 documents Found core user_rec with 9375 documents Found core video_rec with 0 documents Found core content_rec with 308 documents Found core news_crawl with 0 documents
Fingerprint: e1fd3e483f1c60cb23d0522e5ef7e12f688d1999c3f47afced3098aad75e37fb
Running Solr node without authentication: Version: 8.4.1 (8.4.1 832bf13dd9187095831caf69783179d41059d013 - ishan - 2020-01-10 13:40:28) System: Linux 3.10.0-1160.108.1.el7.x86_64 (amd64) Found core video_rec with 0 documents Found core content_rec with 308 documents Found core news_crawl with 0 documents Found core news_rec with 0 documents Found core trending_rec with 206 documents Found core user_rec with 9375 documents
MySQL is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: cf350410ecceb5fd89b684baefb283b97521ddc8428512fa5b83d8dfa018e0b0
Databases: 39, row count: 139616, size: 7.9 MB Found table mysql.columns_priv with 0 records Found table mysql.component with 0 records Found table mysql.db with 2 records Found table mysql.default_roles with 0 records Found table mysql.engine_cost with 2 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.global_grants with 86 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 53 records Found table mysql.help_keyword with 1142 records Found table mysql.help_relation with 2631 records Found table mysql.help_topic with 583 records Found table mysql.innodb_index_stats with 26 records Found table mysql.innodb_table_stats with 4 records Found table mysql.password_history with 0 records Found table mysql.plugin with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.replication_asynchronous_connection_failover with 0 records Found table mysql.replication_asynchronous_connection_failover_managed with 0 records Found table mysql.replication_group_configuration_version with 1 records Found table mysql.replication_group_member_actions with 2 records Found table mysql.role_edges with 0 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 1815 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1976 records Found table mysql.time_zone_transition with 121720 records Found table mysql.time_zone_transition_type with 9521 records Found table mysql.user with 5 records Found table qlpb.Account with 18 records Found table qlpb.Department with 16 records
Open service 103.171.92.11:8983
2024-08-17 22:41
HTTP/1.1 302 Found Connection: close Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self'; X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: http://103.171.92.11/solr/
Open service 103.171.92.11:8983
2024-08-17 22:41
HTTP/1.1 302 Found Connection: close Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self'; X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: http://103.171.92.11/solr/
Open service 103.171.92.11:8983
2024-08-17 22:01
HTTP/1.1 302 Found Connection: close Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self'; X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: http://103.171.92.11/solr/
Open service 103.171.92.11:8983
2024-08-17 22:01
HTTP/1.1 302 Found Connection: close Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self'; X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: http://103.171.92.11/solr/