• Creation
  • Validation
  • Communication & fix
  • Disclosure

Contratanet / Simplicity / ElasticSearch is publicly available
BloodyShell reported 2022-08-28

Elasticsearch and/or Kibana is currently open without authentication.

This results in all the database data made available publicly.

In this case it includes student name, phone numbers, pictures, email, address ect ...

IP:
54.237.244.220
Port:
5601
Detected protocol:
kibana
Vulnerable URL:
http://54.237.244.220:5601 
Indices: 13, document count: 2016419, size: 1.7 GB
Through Kibana endpoint
Found index student_selection_phase with 899751 documents (208.9 MB)
Found index student with 479667 documents (1.2 GB)
Found index campus with 196752 documents (51.6 MB)
Found index .apm-agent-configuration with 0 documents (208 B)
Found index opportunity with 79113 documents (81.3 MB)
Found index .kibana_1 with 6 documents (31.1 kB)
Found index .kibana_task_manager_1 with 2 documents (32.8 kB)
Found index skill with 7604 documents (2.4 MB)
Found index course with 13644 documents (5.1 MB)
Found index symplicity_request_log with 1043 documents (137.2 kB)
Found index location with 13696 documents (3.3 MB)
Found index company with 325119 documents (120.7 MB)
Found index document_type with 22 documents (15.5 kB)
Found by ElasticSearchOpenPlugin 2022-08-27
Report created by BloodyShell  2022-08-28
Report approved by BloodyShell  2022-08-28
New PDF report generated by system 2022-08-28
Report dispatched to ...@... by system 2022-08-28
Report marked as fixed by BloodyShell  2022-08-31
Report closed by BloodyShell  2022-08-31
New PDF report generated by system 2022-08-31
Information
Owner Contratanet / Simplicity
Created 2022-08-28 14:50
Updated 2022-08-31 12:19
Fixed true
Contacts
p...@symplicity.com
Status
Status closed
Hosting contacted false
CERT contacted false
Download report

© 2024 LeakIX
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice