Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: 831cb76b8e05df46caeeed12ea8ff762bf72cc9454e48af554e48af554e48af5
Indices: 2, document count: 3, size: 15.4 kB Through Kibana endpoint Found index read_me with 1 documents (4.8 kB) Found index .kibana with 2 documents (10.6 kB)
Severity: high
Fingerprint: 831cb76b8e05df46a0b858f92afb137b8bea101bebebf625ebebf625ebebf625
Indices: 2, document count: 3, size: 14.8 kB Through Kibana endpoint Found index read_me with 1 documents (4.8 kB) Found index .kibana with 2 documents (9.9 kB)
Severity: high
Fingerprint: 831cb76b8e05df46faf040918733c24359713323c075ed6f6e0627b0ec431b7d
Indices: 4, document count: 13, size: 229.5 kB Through Kibana endpoint Found index read_me with 1 documents (4.8 kB) Found index .kibana with 1 documents (5.2 kB) Found index test-file-default-nginx-2022.07.11 with 2 documents (27.6 kB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.07.11 with 9 documents (191.8 kB)
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa8de733f0414af5af06b5cd21490ba2122ded001f
NoAuth Found topic device_networking Found topic viot_down_raw_reply_tes Found topic Y.S.K Found topic biz_log_local Found topic viot_up_raw_reply_test Found topic test Found topic viot_device_status_prod Found topic lrxtest0625 Found topic viot_user_share_bind_topic_test Found topic business_log Found topic 1 Found topic log-test Found topic method_topic Found topic dev-app-log Found topic viomi-campaign-biz-process-log Found topic viot_dev_sub_test Found topic reply_topic Found topic springCloudBus Found topic operating.log.topic Found topic third_device_up_raw_test Found topic biz_log_dev Found topic __consumer_offsets Found topic viot_up_raw Found topic up_event-0 Found topic output Found topic erp_doo_order_rog_log_test Found topic viomi-campaign_demo Found topic up_event Found topic viot_up_raw_test Found topic connect-offsets Found topic viot_user_share_bind_topic Found topic viot_down_raw Found topic 2 Found topic my-topic Found topic topic02 Found topic vhome_message_router_business_test Found topic viot_device_status_test Found topic viot_stats Found topic viot-kafka-test Found topic up_info Found topic user_opt Found topic viot_down_raw_reply Found topic trace_test_topic Found topic third_device_status_test Found topic biz_log_shadow Found topic GID_VIOT_MQTT Found topic 3 Found topic mi_spec_verification Found topic device_status_filtered_test Found topic input Found topic viot_down_raw_reply_test Found topic device_status Found topic viot_up_raw_reply Found topic sn_trace Found topic viot_stats_detail Found topic project Found topic profile_device_data Found topic GID_VIOT_MQTT_test Found topic viot_dev_sub_up_raw_test Found topic kafka.operating.log.topic.test Found topic vhome_notify_triggered_to_homemap_test Found topic viot_fbee_notify_test Found topic viot_down_raw_test Found topic viot_user_bind_topic_test Found topic third_device_status Found topic up_info2 Found topic viomi-campaign-coupon-instance-create Found topic biz_log_test
Fingerprint: 43224224eeda9da960defeaa66a42701a176c92d07ac6347c5200f0cfeba5ac3
NoAuth Found topic viot_stats_detail Found topic log-test Found topic viot_up_raw Found topic kafka.operating.log.topic.test Found topic 3 Found topic test Found topic third_device_up_raw_test Found topic viot_user_bind_topic_test Found topic connect-offsets Found topic viomi-campaign-coupon-instance-create Found topic viot_user_share_bind_topic Found topic viot_fbee_notify_test Found topic mi_spec_verification Found topic device_status Found topic viomi-campaign_demo Found topic user_opt Found topic third_device_status_test Found topic biz_log_shadow Found topic up_event-0 Found topic lrxtest0625 Found topic viot_up_raw_reply_test Found topic __consumer_offsets Found topic viot_down_raw_reply_tes Found topic 1 Found topic biz_log_dev Found topic viot_up_raw_reply Found topic business_log Found topic viot_down_raw_reply Found topic output Found topic viot_dev_sub_test Found topic operating.log.topic Found topic viot_device_status_prod Found topic dev-app-log Found topic GID_VIOT_MQTT Found topic up_event Found topic viot_stats Found topic third_device_status Found topic viot_up_raw_test Found topic biz_log_local Found topic erp_doo_order_rog_log_test Found topic input Found topic sn_trace Found topic viot_device_status_test Found topic GID_VIOT_MQTT_test Found topic my-topic Found topic Y.S.K Found topic viomi-campaign-biz-process-log Found topic topic02 Found topic reply_topic Found topic viot_down_raw Found topic springCloudBus Found topic profile_device_data Found topic method_topic Found topic viot_user_share_bind_topic_test Found topic vhome_message_router_business_test Found topic viot_down_raw_reply_test Found topic up_info Found topic trace_test_topic Found topic 2 Found topic device_networking Found topic project Found topic up_info2 Found topic viot_dev_sub_up_raw_test Found topic device_status_filtered_test Found topic vhome_notify_triggered_to_homemap_test Found topic viot_down_raw_test Found topic viot-kafka-test Found topic biz_log_test
Elasticsearch and/or Kibana is currently open without authentication.
Additionaly a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: 831cb76b8e05df46114672df8eacb9277eef988385be4b3c4588e7900a268bfd
Indices: 15, document count: 146903, size: 43.0 MB Found index read_me with 1 documents (4.8 kB) Found index test-access-%{k8s_pod_namespace}-%{k8s_container_name}-2022.06.08 with 434 documents (153.6 kB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.17 with 12651 documents (3.0 MB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.16 with 23266 documents (4.7 MB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.14 with 6332 documents (2.4 MB) Found index .kibana with 3 documents (15.9 kB) Found index test-file-default-nginx-2022.06.16 with 2880 documents (704.0 kB) Found index test-file-default-nginx-2022.06.17 with 1575 documents (432.2 kB) Found index test-file-default-nginx-2022.06.14 with 719 documents (215.7 kB) Found index test-file-default-nginx-2022.06.15 with 2880 documents (612.3 kB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.15 with 25869 documents (9.6 MB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.16 with 25431 documents (9.3 MB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.17 with 13932 documents (5.5 MB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.15 with 25176 documents (5.1 MB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.14 with 5754 documents (1.3 MB)
Severity: critical
Fingerprint: 831cb76b8e05df466bb6edd03b5183b074bf1ebb68730b8fe348117725a5ef4c
Indices: 12, document count: 67780, size: 20.0 MB Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.16 with 533 documents (315.2 kB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.14 with 6332 documents (2.4 MB) Found index .kibana with 3 documents (19.3 kB) Found index read_me with 1 documents (4.8 kB) Found index test-file-default-nginx-2022.06.16 with 72 documents (80.7 kB) Found index test-file-default-nginx-2022.06.14 with 719 documents (215.7 kB) Found index test-file-default-nginx-2022.06.15 with 2880 documents (612.3 kB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.15 with 25869 documents (9.6 MB) Found index test-app-yunmi-test-viomi-channel-tools-web-test-2022.06.16 with 7 documents (176.0 kB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.15 with 25176 documents (5.1 MB) Found index test-access-%{k8s_pod_namespace}-%{k8s_container_name}-2022.06.08 with 434 documents (153.6 kB) Found index test-file-yunmi-test-viomi-channel-tools-web-test-2022.06.14 with 5754 documents (1.3 MB)
Severity: medium
Fingerprint: 831cb76b8e05df4689db2d73251257f8a8f67bc5bce54b58bce54b58bce54b58
Indices: 3, document count: 3, size: 20.0 kB Found index actuator with 1 documents (5.0 kB) Found index api with 1 documents (7.5 kB) Found index v2 with 1 documents (7.5 kB)
Fingerprint: 831cb76b8e05df4652920762bb3982b738c5c86f16061b2a0fcee0e64b37fa1c
Indices: 10, document count: 56, size: 200.7 kB Found index n2cc8ce74dcf74d3b83f810a9ba118dfc with 0 documents (208 B) Found index my_index with 0 documents (208 B) Found index tb2a5197aca85482e8fbc9d1199332a96 with 0 documents (208 B) Found index hfeafd8f75a244be3990e546623652b6d with 0 documents (208 B) Found index lc224863899fc4338ac33d8aa483c48c3 with 0 documents (208 B) Found index api with 10 documents (26.2 kB) Found index category with 18 documents (16.7 kB) Found index graphql with 10 documents (26.2 kB) Found index uaa035730aec3458294b0701ac4ab11c4 with 0 documents (208 B) Found index wares with 18 documents (130.3 kB)