Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Summary Report SIEM Octubre PDF

    Încărcat de

    Framework Security
    44 vizualizări10 pagini

    Titlu original

    Summary Report SIEM Octubre .pdf

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    44 vizualizări10 pagini

    Summary Report SIEM Octubre PDF

    Încărcat de

    Framework Security

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 10

    Summary Report

    Vulnerabilities by Severity

    Scan Completed: October 10, 2019


    Report Generated: October 10, 2019

    CONFIDENTIAL INFORMATION - FOR INTERNAL USE ONLY

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Incocredito.
    Report Date: 2019-10-10
    HIDDEN TEXT TO MARK THE BEGINNING OF THE TABLE OF CONTENTS

    Summary Report: Table of Contents

    Executive Summary 3

    Summary Report 4

    Vulnerabilities by Severity 4

    High 4

    Medium 5

    Low 9

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 2 of 10
    Incocredito.
    Report Date: 2019-10-10

    Executive Summary

    The TrustKeeper vulnerability and policy scan is designed to assess the network, service, and application security of your on-line systems.

    The vulnerability and policy scan also assesses compliance with configuration requirements of applicable Information Security standards. Note that a full
    vulnerability assessment may require manual penetration testing where more aggressive techniques can be utilized to test the security of your systems.

    On 2019-10-10, Trustwave's TrustKeeper vulnerability scanner performed a network-based assessment of the target devices of Incocredito to identify
    security vulnerabilities. A total of 109 vulnerabilities were found during the scan.

    Trustwave uses the following risk ranking when reporting vulnerability risks.

    • Critical risk vulnerabilities indicate that a system can be successfully attacked. You should investigate and remediate these issues immediately.
    • High risk vulnerabilities indicate problems that could result in immediate compromise. These issues should be investigated and remediated as soon
    as possible.
    • Medium risk vulnerabilities indicate issues that could potentially result in information or system compromise.
    • Low risk vulnerabilities indicate low severity problems or warnings, such as configurations that might reveal interesting reconnaissance information
    that could be used to facilitate a compromise.
    • Info risk vulnerabilities provide details about your systems that might be of interest but do not represent a security threat. Informational vulnerabilities
    are not included in the Vulnerabilities by Severity section of this summary report.

    Scan Summary
    Scan Name Scan Type Total Active Start Time End Time Total Time
    Targets Hosts
    int_puntual Internal Scan 1 1 2019-10-10 2019-10-10 1 hour, 10 minutes
    14:53:08 16:05:08

    Top 5 Vulnerabilities

    Highest Risk Vulnerabilities Severity Count


    Unsupported Version of Apache HTTP Server High 2
    Apache HTTP Server Multiple Vulnerabilities 2.2.x Through 2.2.34 and High 2
    Local privilege escalation in OpenSSH before 7.4 using sandboxed High 1
    OpenSSH X11 Security Bypass Vulnerability (OpenSSH 7.2 Release) High 1
    MySQL Critical Patch Update - April 2019 High 1

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 3 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Vulnerabilities by Severity

    The following issues were identified during this scan. Please review all items and address all that items that affect compliance or the security of your system. In the tables below you can
    find the following information about each TrustKeeper finding.

    • Severity - This identifies the risk of the vulnerability and (where applicable) the CVSS score.
    • Vulnerability - This describes the details of the finding, along with the CVE identifier - an industry standard for cataloging vulnerabilities. If you are looking for a specific vulnerability,
    you may search for the CVE Identifier using your PDF viewer's normal search functions.

    For more information on how to read this section and the scoring methodology used, please refer to the appendix.

    High Medium Low


    Critical
    (7.0 - 10.0) (4.0 - 6.9) (0.0 - 3.9)

    High

    CVSS Vulnerability CVE IP/Host/Port/Service

    10.0 Unsupported Version of Apache HTTP Server 172.20.8.253 - tcp/80 - apache:http_server

    172.20.8.253 - tcp/443 - apache:http_server

    10.0 Unsupported Version of OpenSSH 172.20.8.253 - tcp/22 - openssh:openssh

    8.5 OpenSSH through 6.9 does not correctly restrict the use of CVE-2015-5600 172.20.8.253 - tcp/22 - openssh:openssh
    keyboard-interactive devices within a single connection

    7.8 HTTP Server Overlapping Byte-Range Denial of Service CVE-2011-3192 172.20.8.253 - tcp/443 - apache:http_server

    7.8 MySQL Critical Patch Update - April 2019 CVE-2019-2644 CVE-2019-2626 CVE-2019-2566 172.20.8.253 - tcp/3306 - mysql:mysql
    CVE-2019-2628 CVE-2019-2624 CVE-2019-2593
    CVE-2019-2585 CVE-2019-2580 CVE-2019-2634
    CVE-2019-2623 CVE-2018-3123 CVE-2019-1559
    CVE-2019-2695 CVE-2019-2694 CVE-2019-2693
    CVE-2019-2632 CVE-2019-2688 CVE-2019-2687
    CVE-2019-2686 CVE-2019-2685 CVE-2019-2681
    CVE-2019-2625 CVE-2019-2607 CVE-2019-2596
    CVE-2019-2581 CVE-2019-2631 CVE-2019-2606
    CVE-2019-2589 CVE-2019-2584 CVE-2019-2635
    CVE-2019-2587 CVE-2019-2592 CVE-2019-2683

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 4 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    High

    CVSS Vulnerability CVE IP/Host/Port/Service

    CVE-2019-2689 CVE-2019-2630 CVE-2019-2617


    CVE-2019-2614 CVE-2019-2636 CVE-2019-2691
    CVE-2019-2627 CVE-2019-2620

    7.8 OpenSSH before 7.3 vulnerable to Denial of Service by not CVE-2016-6515 172.20.8.253 - tcp/22 - openssh:openssh
    setting a limit for password length

    7.5 Apache HTTP Server Multiple Vulnerabilities 2.2.x Through CVE-2017-9788 CVE-2017-7679 CVE-2017-7668 172.20.8.253 - tcp/80 - apache:http_server
    2.2.34 and 2.4.x prior to 2.4.26 CVE-2017-3169 CVE-2017-3167
    172.20.8.253 - tcp/443 - apache:http_server

    7.5 MySQL Critical Patch Update - July 2019 CVE-2019-2731 CVE-2019-2730 CVE-2019-2879 172.20.8.253 - tcp/3306 - mysql:mysql
    CVE-2019-2834 CVE-2019-2830 CVE-2019-2826
    CVE-2019-2822 CVE-2019-2819 CVE-2019-2815
    CVE-2019-2814 CVE-2019-2812 CVE-2019-2811
    CVE-2019-2810 CVE-2019-2808 CVE-2019-2805
    CVE-2019-2803 CVE-2019-2802 CVE-2019-2801
    CVE-2019-2800 CVE-2019-2797 CVE-2019-2796
    CVE-2019-2795 CVE-2019-2791 CVE-2019-2789
    CVE-2019-2785 CVE-2019-2784 CVE-2019-2780
    CVE-2019-2778 CVE-2019-2774 CVE-2019-2758
    CVE-2019-2757 CVE-2019-2752 CVE-2019-2741
    CVE-2019-2740 CVE-2019-2739 CVE-2019-2738
    CVE-2019-2737 CVE-2019-3822 CVE-2019-2798
    CVE-2019-2755 CVE-2019-2747 CVE-2019-2746
    CVE-2019-2743

    7.5 OpenSSH X11 Security Bypass Vulnerability (OpenSSH 7.2 CVE-2016-1908 172.20.8.253 - tcp/22 - openssh:openssh
    Release)

    7.2 Local privilege escalation in OpenSSH before 7.4 using CVE-2016-10012 172.20.8.253 - tcp/22 - openssh:openssh
    sandboxed process in shared memory manager (related to
    m_zback and m_zlib structures)

    7.2 OpenSSH through 7.2p2 allows potential privilege escalation by CVE-2015-8325 172.20.8.253 - tcp/22 - openssh:openssh
    remote attackers

    Medium

    CVSS Vulnerability CVE IP/Host/Port/Service

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 5 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Medium

    CVSS Vulnerability CVE IP/Host/Port/Service

    6.9 Apache HTTP Server Zero-Length Directory Name in CVE-2012-0883 172.20.8.253 - tcp/80 - apache:http_server
    LD_LIBRARY_PATH Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    6.9 Local privilege escalation in OpenSSH before 7.4 when sshd CVE-2016-10010 172.20.8.253 - tcp/22 - openssh:openssh
    runs with root privileges (related to serverloop.c)

    6.9 OpenSSH Portable (non-OpenBSD) Remote Code Execution and CVE-2015-6564 172.20.8.253 - tcp/22 - openssh:openssh
    Privilege Escalation by use-after-free bug in pre-auth process

    6.8 Apache HTTP Server mod_auth_digest Weak Digest Auth Nonce CVE-2018-1312 172.20.8.253 - tcp/80 - apache:http_server
    Generation Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    6.8 HTTPoxy Vulnerability in Apache HTTP Server CVE-2016-5387 CVE-2016-5388 CVE-2016-5386 172.20.8.253 - tcp/80 - apache:http_server
    CVE-2016-5385
    172.20.8.253 - tcp/443 - apache:http_server

    6.8 SSL Certificate is Not Trusted (Internal Scan) 172.20.8.253 - tcp/443 - apache:http_server

    6.8 Weak SSH Encryption Algorithms Supported 172.20.8.253 - tcp/9022 - ssh

    6.8 Weak SSH Hashing Algorithms Supported 172.20.8.253 - tcp/9022 - ssh

    6.8 Weak SSH Key Exchange Algorithms Supported 172.20.8.253 - tcp/9022 - ssh

    6.4 Apache HTTP Server mod_auth_digest Uninitialized Memory CVE-2017-9788 172.20.8.253 - tcp/80 - apache:http_server
    Reflection Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    6.4 SSL Certificate is Self-Signed 172.20.8.253 - tcp/443 - apache:http_server

    5.8 OpenSSH SCP Client Object Name Input Validation Vulnerability CVE-2019-6111 172.20.8.253 - tcp/22 - openssh:openssh

    5.8 OpenSSH SSHFP DNS resource record look up bypass in the CVE-2014-2653 172.20.8.253 - tcp/22 - openssh:openssh
    client

    5.8 OpenSSH Wildcards on AcceptEnv Vulnerability CVE-2014-2532 172.20.8.253 - tcp/22 - openssh:openssh

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 6 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Medium

    CVSS Vulnerability CVE IP/Host/Port/Service

    5.5 X11 forwarding data allows multiple CRLF injection in OpenSSH CVE-2016-3115 172.20.8.253 - tcp/22 - openssh:openssh
    before 7.2p2

    5.1 Apache HTTP Server mod_rewrite Terminal Escape Sequence CVE-2013-1862 172.20.8.253 - tcp/80 - apache:http_server
    Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Allows Remote Attackers to Read Privileged CVE-2017-9798 172.20.8.253 - tcp/80 - apache:http_server
    Memory
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server mod_dav Denial of Service Vulnerability via CVE-2013-6438 172.20.8.253 - tcp/80 - apache:http_server
    a Crafted DAV WRITE Request
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server mod_dav Denial of Service Vulnerability via CVE-2010-1452 172.20.8.253 - tcp/80 - apache:http_server
    a Request Without a Path
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server mod_log_config Denial of Service CVE-2014-0098 172.20.8.253 - tcp/80 - apache:http_server
    Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server mod_proxy_ajp Remote Denial of Service CVE-2012-4557 172.20.8.253 - tcp/80 - apache:http_server
    Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server Prior to 2.0.64 and 2.2.17 Multiple Denial of CVE-2009-3720 CVE-2009-3560 CVE-2010-1623 172.20.8.253 - tcp/80 - apache:http_server
    Service Vulnerabilities
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server Request Smuggling Vulnerability via Invalid CVE-2015-3183 172.20.8.253 - tcp/80 - apache:http_server
    Chunk-Extension Characters
    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Server Reverse Proxy/Rewrite URL Validation CVE-2011-3368 CVE-2011-3639 CVE-2011-4317 172.20.8.253 - tcp/80 - apache:http_server
    Vulnerability

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 7 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Medium

    CVSS Vulnerability CVE IP/Host/Port/Service

    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Apache HTTP Whitespace Char Injection Vulnerability CVE-2016-8743 172.20.8.253 - tcp/80 - apache:http_server

    172.20.8.253 - tcp/443 - apache:http_server

    5.0 Block cipher algorithms with block size of 64 bits (like DES and CVE-2016-2183 172.20.8.253 - tcp/443 - apache:http_server
    3DES) birthday attack known as Sweet32

    5.0 OpenSSH before 7.1p2 allows for Denial of Service via crafted CVE-2016-1907 172.20.8.253 - tcp/22 - openssh:openssh
    network traffic

    5.0 OpenSSH Out-of-sequence NEWKEYS Message Denial of Service CVE-2016-10708 172.20.8.253 - tcp/22 - openssh:openssh
    Vulnerability (OpenSSH 7.4 Release)

    5.0 OpenSSH socket exhaustion denial of service CVE-2010-5107 172.20.8.253 - tcp/22 - openssh:openssh

    5.0 OpenSSH sshd User Enumeration Vulnerability CVE-2018-15473 172.20.8.253 - tcp/22 - openssh:openssh

    4.6 Apache HTTP Server Scoreboard Vulnerability CVE-2012-0031 172.20.8.253 - tcp/80 - apache:http_server

    172.20.8.253 - tcp/443 - apache:http_server

    4.6 OppenSSH allows Denial of Service with proxy forwarding CVE-2016-0778 172.20.8.253 - tcp/22 - openssh:openssh
    options enabled

    4.4 Apache HTTP Server mod_setenvif .htaccess File Privilege CVE-2011-3607 172.20.8.253 - tcp/80 - apache:http_server
    Escalation Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    4.3 Apache HTTP Server Cross-Site Scripting Vulnerabilities via CVE-2012-3499 CVE-2012-4558 172.20.8.253 - tcp/80 - apache:http_server
    Hostnames
    172.20.8.253 - tcp/443 - apache:http_server

    4.3 Apache HTTP Server mod_proxy_ajp with mod_proxy_balancer CVE-2011-3348 172.20.8.253 - tcp/80 - apache:http_server
    Denial of Service Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 8 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Medium

    CVSS Vulnerability CVE IP/Host/Port/Service

    4.3 Apache HTTP Server mod_userdir CRLF injection Vulnerability CVE-2016-4975 172.20.8.253 - tcp/80 - apache:http_server

    172.20.8.253 - tcp/443 - apache:http_server

    4.3 Apache HTTP Server out of Bound Access Vulnerability CVE-2018-1301 172.20.8.253 - tcp/80 - apache:http_server

    172.20.8.253 - tcp/443 - apache:http_server

    4.3 Apache HTTP Server Stack Consumption APR Denial of Service CVE-2011-0419 172.20.8.253 - tcp/80 - apache:http_server
    Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    4.3 OpenSSH before 6.9, when ForwardX11Trusted mode is not CVE-2015-5352 172.20.8.253 - tcp/22 - openssh:openssh
    used lacks proper access restrictions

    4.0 OpenSSH allows for the transmission of the entire buffer to CVE-2016-0777 172.20.8.253 - tcp/22 - openssh:openssh
    remote servers before 7.1p2

    4.0 OpenSSH SCP Client Object Name Output Spoofing Vulnerability CVE-2019-6109 172.20.8.253 - tcp/22 - openssh:openssh

    4.0 OpenSSH SCP Client Standard Error Output Spoofing CVE-2019-6110 172.20.8.253 - tcp/22 - openssh:openssh
    Vulnerability

    Low

    CVSS Vulnerability CVE IP/Host/Port/Service

    3.7 Forwarded agent channel privilege escalation in OpenSSH CVE-2016-10009 172.20.8.253 - tcp/22 - openssh:openssh
    before 7.4 allows remote execution of arbitrary local PKCS#11
    modules

    3.5 OpenSSH Resources Exhaustion Bug via GSSAPI CVE-2011-5000 172.20.8.253 - tcp/22 - openssh:openssh

    2.6 Indexable Web Directories 172.20.8.253 - tcp/443 - apache:http_server

    2.6 OpenSSH SCP Client Directory Name Input Validation CVE-2018-20685 172.20.8.253 - tcp/22 - openssh:openssh
    Vulnerability

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 9 of 10
    Incocredito.
    Report Date: 2019-10-10

    Summary Report

    Low

    CVSS Vulnerability CVE IP/Host/Port/Service

    2.1 Local information disclosure (private key) in OpenSSH before 7.4 CVE-2016-10011 172.20.8.253 - tcp/22 - openssh:openssh
    using privilege separated child process

    2.1 Portable OpenSSH Information Leakage (OSVDB 72183) 172.20.8.253 - tcp/22 - openssh:openssh

    2.1 Portable OpenSSH ssh-keysign unauthorised local access to host CVE-2011-4327 172.20.8.253 - tcp/22 - openssh:openssh
    keys

    1.9 OpenSSH before 7.0 running on non-OpenBSD OS is vulnerable CVE-2015-6563 172.20.8.253 - tcp/22 - openssh:openssh
    to local impersonation attack by accepting extraneous
    username in MONITOR_REQ_PAM_INIT_CTX request

    1.2 Apache HTTP Server mod_setenvif w/ HTTP Request Header CVE-2011-4415 172.20.8.253 - tcp/80 - apache:http_server
    Denial of Service Vulnerability
    172.20.8.253 - tcp/443 - apache:http_server

    0.0 ICMP Timestamp Response CVE-1999-0524 172.20.8.253

    Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
    Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
    Page 10 of 10
    Incocredito.

    S-ar putea să vă placă și