The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaaeac4a1578347ff0db20de194febcb26d01f10d8d
NoAuth Found topic cuav.up-topic Found topic c2-backend-log Found topic topic1 Found topic test-message Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0efe442a1602b9d727b23b8d6acad214363852ed
NoAuth Found topic __consumer_offsets Found topic cuav.up-topic Found topic c2-backend-log Found topic topic1 Found topic test-message
Fingerprint: 43224224eeda9da960defeaa34f7ca47bf478582a8bb14b2d62d34ef1b83f425
NoAuth Found topic topic1 Found topic test-message Found topic __consumer_offsets Found topic cuav.up-topic Found topic c2-backend-log
Fingerprint: 43224224eeda9da960defeaa3e7d8517e8d1fcafac049fd01c43a98acffd7ee7
NoAuth Found topic test-message Found topic __consumer_offsets Found topic cuav.up-topic Found topic c2-backend-log Found topic topic1
Fingerprint: 43224224eeda9da960defeaaab13d8609b1bc56139ff0b2005b2f85038c144e1
NoAuth Found topic c2-backend-log Found topic topic1 Found topic test-message Found topic __consumer_offsets Found topic cuav.up-topic
Fingerprint: 43224224eeda9da960defeaa3e7d8517b32a554db32a554db32a554db32a554d
NoAuth Found topic test-message Found topic c2-backend-log
MySQL is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: cf350410ecceb5fd436bccb980c2517d5dc4ed40bed55b42f0f61c8d4bfaee98
Databases: 49, row count: 140231, size: 8.1 MB No or default MySQL authentication found.Found table mysql.innodb_table_stats with 13 records Found table mysql.innodb_index_stats with 62 records Found table mysql.db with 2 records Found table mysql.user with 6 records Found table mysql.default_roles with 0 records Found table mysql.role_edges with 0 records Found table mysql.global_grants with 112 records Found table mysql.password_history with 0 records Found table mysql.func with 0 records Found table mysql.plugin with 0 records Found table mysql.help_topic with 942 records Found table mysql.help_category with 53 records Found table mysql.help_relation with 2391 records Found table mysql.servers with 0 records Found table mysql.tables_priv with 2 records Found table mysql.columns_priv with 0 records Found table mysql.help_keyword with 1066 records Found table mysql.time_zone_name with 1705 records Found table mysql.time_zone with 1815 records Found table mysql.time_zone_transition with 122161 records Found table mysql.time_zone_transition_type with 9871 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.procs_priv with 0 records Found table mysql.general_log with 2 records Found table mysql.slow_log with 2 records Found table mysql.component with 0 records Found table mysql.slave_relay_log_info with 1 records Found table mysql.slave_master_info with 1 records Found table mysql.slave_worker_info with 4 records Found table mysql.gtid_executed with 0 records Found table mysql.replication_asynchronous_connection_failover with 0 records Found table mysql.replication_asynchronous_connection_failover_managed with 0 records Found table mysql.replication_group_member_actions with 2 records Found table mysql.replication_group_configuration_version with 1 records Found table mysql.server_cost with 6 records Found table mysql.engine_cost with 2 records Found table mysql.proxies_priv with 1 records Found table mysql.ndb_binlog_index with 0 records Found table mysql01.t_sync_version_info with 0 records Found table cuav_cloud.t_c2_system_config with 1 records Found table cuav_cloud.t_sync_version_info with 1 records Found table cuav_cloud.t_c2_equip_list with 0 records Found table cuav_cloud.t_api_key_strategy with 1 records Found table cuav_cloud.t_service_cert_info with 2 records Found table cuav_cloud.t_api_key with 1 records Found table cuav_account.t_tob_user with 1 records Found table cuav_account.t_tob_merchant with 1 records Found table cuav_account.t_tob_merchant_c2 with 0 records Found table cuav_account.t_tob_c2_account with 0 records
Open service 52.83.173.24:80
2024-06-13 21:53
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token,X-Token,X-User-Id Access-Control-Allow-Methods: POST, GET, OPTIONS,DELETE,PUT Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, New-Token, New-Expires-At Content-Type: text/plain Date: Thu, 13 Jun 2024 21:53:38 GMT Content-Length: 18 Connection: close 404 page not found
Open service 52.83.173.24:80
2024-06-13 13:26
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token,X-Token,X-User-Id Access-Control-Allow-Methods: POST, GET, OPTIONS,DELETE,PUT Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, New-Token, New-Expires-At Content-Type: text/plain Date: Thu, 13 Jun 2024 13:26:08 GMT Content-Length: 18 Connection: close 404 page not found