The scope of the scan was a web and infrastructure vulnerability scan of 172.17.0.2 created by [email protected]. The scan was carried out on 13 October 2020.
In the scan configuration [email protected] specified that there was a firewall/WAF in place when the scan was carried out. As this is the case it is likely that it is the configuration of the firewall/WAF that has been tested and not the code of the underlying application or services. If an attacker was able to bypass the firewall then it is possible that they would be able to detect and exploit vulnerabilities which have not been detected by this scan. In order to test the code of the application or service it would be necessary to whitelist the IP address of the Ronin scanner in the firewall configuration and re-run the scan. Please contact us for further information if required.
Summary
Vulnerabilities rated as being of critical severity were identified in the service(s). This represents a current threat to the service(s) and means that it could be compromised by an attacker on the internet with no further interaction with the victim required. We recommend that immediate action be taken in order to remediate this condition. It should be taken into consideration that this target could already have been compromised, especially if the condition has been in place for an extended period of time. We recommend that no trust be placed in this machine until investigations have been made into the condition of the application or service as well as the underlying infrastructure, which could all be subject to compromise. If any advice is required then check the Ronin Blog or contact us.
Vulnerability scans should be viewed as one tool in the arsenal of tools available to secure your applications and their infrastructure. Any and all vulnerabilities reported here should be remediated as part of a proactive approach to information security. Prevention is well known to be better than cure when it comes to security breaches. If few or no vulnerabilities were identified during this scan then the next step in the security life cycle should be to have it manually pentested. If all vulnerabilities reported here have been remediated then the security professional who carries out the test should not be bogged down reporting low-hanging-fruit issues and can dedicate their time to more in-depth analysis which only a human can do. The benefits of this approach will be evident in the savings it produces in the security budget.