
Automatic information enumeration - Open ports

Description

The security group is configured to open an unnecessarily large range of ports. With a port scan it is possible to list the services available on the servers and learn which ones can be consumed.

Impact

  • Scan all the system ports and access the services that are running on them.
  • Install backdoors on the compromised system through the open ports.

Recommendation

Securely configure the vulnerable service to be accessed only by authorized users.
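As an added example (not part of the original page), the following Python check flags ingress rules that open a wide range of ports, using the field names of the AWS `describe-security-groups` output; the group identifiers, CIDRs and the 16-port threshold are constructed for the example.

```python
"""Audit security-group ingress rules for unnecessarily wide port ranges."""
from typing import Dict, List

# Maximum number of ports one ingress rule may open before it is flagged.
# Assumed threshold for this example; tune it to the environment's policy.
MAX_PORTS_PER_RULE = 16


def rule_port_span(rule: Dict) -> int:
    """Return how many ports an ingress rule opens (describe-security-groups shape)."""
    if rule.get("IpProtocol") == "-1":  # "-1" means all protocols and all ports
        return 65536
    return rule["ToPort"] - rule["FromPort"] + 1


def audit_security_group(sg: Dict, max_ports: int = MAX_PORTS_PER_RULE) -> List[str]:
    """Return one finding per ingress rule that opens more than max_ports ports."""
    findings = []
    for rule in sg.get("IpPermissions", []):
        span = rule_port_span(rule)
        if span > max_ports:
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            findings.append(
                f"{sg['GroupId']}: {rule['IpProtocol']} "
                f"{rule.get('FromPort', 'all')}-{rule.get('ToPort', 'all')} "
                f"({span} ports) open to {', '.join(sources)}"
            )
    return findings


# Constructed sample: the weak configuration the page describes (wide port
# ranges reachable from the whole VPC) beside a corrected, single-port rule.
WEAK_SG = {
    "GroupId": "sg-weak-example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ],
}
FIXED_SG = {
    "GroupId": "sg-fixed-example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
    ],
}

if __name__ == "__main__":
    for sg in (WEAK_SG, FIXED_SG):
        print(sg["GroupId"], audit_security_group(sg) or "no wide port ranges")
```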

Threat

Internal attacker with access to the VPC.

Expected Remediation Time

⌚ 120 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the src.

Base

  • Attack vector: A
  • Attack complexity: L
  • Privileges required: L
  • User interaction: N
  • Scope: U
  • Confidentiality: L
  • Integrity: L
  • Availability: N

Temporal

  • Exploit code maturity: P
  • Remediation level: X
  • Report confidence: X

Result

  • Vector string: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:X
  • Score:
    • Base: 4.6
    • Temporal: 4.4
  • Severity:
    • Base: Medium
    • Temporal: Medium

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

  • Attack vector: A
  • Attack complexity: L
  • Attack Requirements: N
  • Privileges required: L
  • User interaction: N
  • Confidentiality (VC): L
  • Integrity (VI): L
  • Availability (VA): N
  • Confidentiality (SC): N
  • Integrity (SI): N
  • Availability (SA): N

Threat 4.0

  • Exploit maturity: P

Result 4.0

  • Vector string: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
  • Score:
    • CVSS-BT: 2.0
  • Severity:
    • CVSS-BT: Low

Requirements

Fixes
