GeneralInformation

Hostnames	ec2-13-127-106-12.ap-south-1.compute.amazonaws.com metabase.cadreodr.com
Domains	amazonaws.com cadreodr.com
Cloud Provider	Amazon
Cloud Region	ap-south-1
Cloud Service	EC2
Country	India
City	Mumbai
Organization	Amazon Data Services India
ISP	Amazon.com, Inc.
ASN	AS16509
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

340988842 | 2024-05-02T01:26:12.098647

80 / tcp

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 01:26:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 2 May 2024 01:26:11 GMT
Strict-Transport-Security: max-age=31536000
Set-Cookie: metabase.DEVICE=079a7084-7ca5-4b34-95a8-c6ba390e6419;HttpOnly;Path=/;Expires=Mon, 2 May 2044 01:26:11 GMT;SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://accounts.google.com    'sha256-K2AkR/jTLsGV8PyzWha7/ey1iaD9c5jWRYwa++ZlMZc=' 'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0=' 'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline' https://accounts.google.com; font-src *; img-src * 'self' data:; connect-src 'self' https://accounts.google.com metabase.us10.list-manage.com   ; manifest-src 'self';  frame-ancestors 'none';
Expires: Tue, 03 Jul 2001 06:00:00 GMT

-1174351762 | 2024-04-26T19:13:14.473983

443 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 19:13:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 26 Apr 2024 19:13:13 GMT
Strict-Transport-Security: max-age=31536000
Set-Cookie: metabase.DEVICE=f177039f-ef9e-4aff-af54-055b944d5982;HttpOnly;Path=/;Expires=Tue, 26 Apr 2044 19:13:13 GMT;SameSite=None;Secure
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://accounts.google.com    'sha256-K2AkR/jTLsGV8PyzWha7/ey1iaD9c5jWRYwa++ZlMZc=' 'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0=' 'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline' https://accounts.google.com; font-src *; img-src * 'self' data:; connect-src 'self' https://accounts.google.com metabase.us10.list-manage.com   ; manifest-src 'self';  frame-ancestors 'none';
Expires: Tue, 03 Jul 2001 06:00:00 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:f5:6a:af:29:74:75:61:3d:fb:80:6d:b6:d5:aa:09
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Oct 17 00:00:00 2023 GMT
            Not After : Nov 14 23:59:59 2024 GMT
        Subject: CN=metabase.cadreodr.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:eb:3b:9f:d9:40:03:1f:b5:22:78:92:79:e0:02:
                    d7:ec:e0:67:0e:a6:d2:9e:9f:85:1e:2c:d1:5f:f2:
                    a2:6a:26:c6:ad:13:e4:f4:cf:de:96:0c:63:54:3e:
                    df:77:7c:17:27:30:5d:6b:b4:06:69:c8:00:a2:cc:
                    88:7b:84:47:75:1a:a1:ab:89:78:70:3c:7a:17:0d:
                    39:da:18:d2:e9:14:7f:2c:1f:6a:de:fe:ec:6a:07:
                    4d:25:49:04:52:4f:62:ea:8c:e7:dc:5b:5d:85:d2:
                    4d:3f:ba:50:f7:83:cf:4b:f7:7a:b3:8c:33:18:8f:
                    ce:a5:26:b3:c4:9e:a3:08:6b:c3:23:00:5a:dc:ef:
                    80:f9:e2:60:b4:43:fb:69:d3:91:9f:12:8e:5b:3e:
                    44:d4:c3:6f:6f:75:3a:eb:8b:21:8f:0e:e6:5a:7c:
                    a8:45:2d:82:93:71:9c:88:8f:37:d7:a3:e8:d2:74:
                    6e:2d:25:a4:a8:1b:ec:9d:b0:a1:14:51:d5:c0:62:
                    e1:3c:4c:51:ed:13:1e:de:15:c3:6f:bb:12:50:a3:
                    03:22:73:32:e2:ba:08:a4:2f:8f:6d:69:d0:86:dc:
                    01:3e:30:0f:85:d1:53:6e:54:29:4f:d9:9f:f3:b9:
                    8d:d4:ec:57:ac:88:c9:f1:96:96:c9:7e:4b:37:a6:
                    b1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                EB:54:6A:B1:EA:04:79:87:1C:E5:A7:E9:B0:7A:F1:B9:79:CC:C2:18
            X509v3 Subject Alternative Name: 
                DNS:metabase.cadreodr.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Oct 17 16:15:31.403 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:60:8B:A6:77:69:1E:44:1D:C4:A5:1C:89:
                                E7:0E:1C:82:2C:E1:01:49:85:D9:01:C4:6A:1F:7F:A9:
                                82:CB:1A:44:02:20:76:41:12:FA:0A:6B:9D:87:ED:E9:
                                95:1C:71:5A:4C:1E:F3:DF:F4:3F:3F:52:FE:23:CF:E6:
                                6F:96:A2:CD:CD:44
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Oct 17 16:15:31.404 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6A:56:A0:53:14:E5:66:8A:69:87:4F:C4:
                                EB:4D:6F:A4:25:1A:27:20:02:24:72:F2:66:C7:14:7B:
                                7B:CD:6C:80:02:21:00:A6:99:8A:38:CD:E2:0C:D4:29:
                                F7:E9:B2:3A:2C:B2:66:7E:47:69:90:3D:F1:B9:14:E8:
                                D0:F9:48:53:52:02:19
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Oct 17 16:15:31.448 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8F:D1:11:00:3D:77:2B:74:03:61:8F:
                                70:E2:6B:86:41:F9:AF:F3:3E:78:A7:17:02:36:CD:A6:
                                FE:37:06:5D:8C:02:21:00:A0:A5:7B:C8:37:FC:E0:2A:
                                90:19:9B:98:31:69:27:BB:0B:FE:F1:B0:53:44:D4:FF:
                                62:99:44:33:C4:46:9C:6F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        21:1c:d6:ba:83:ba:af:c4:82:af:2d:68:81:9e:87:e4:ac:dd:
        7d:e9:43:6c:d3:27:d0:df:2d:ce:a6:87:d2:e4:d1:db:db:a5:
        9e:17:3b:0d:e7:54:64:9c:86:78:c9:f1:21:6d:9a:3f:62:72:
        33:15:08:bb:59:2f:e4:e1:11:09:66:3f:16:14:6b:ab:d4:7d:
        77:69:ad:35:55:b6:d7:c4:f8:ab:3a:0d:91:10:05:ed:8b:68:
        67:9e:1a:c5:12:d9:ce:2a:b3:e6:de:8c:2c:6b:eb:d6:71:11:
        43:b3:d6:52:3b:a6:dd:59:3e:fb:03:0f:08:05:97:e0:a6:5c:
        46:96:a9:4a:0e:7a:1c:de:04:02:66:70:f7:d6:10:cf:ed:bf:
        28:91:76:29:d6:5d:d3:17:ea:22:16:1b:ad:c2:74:16:a7:9d:
        5c:c7:43:65:a2:f4:e1:00:7c:50:65:11:3d:6e:6e:e5:8a:4f:
        df:80:b8:13:65:b4:84:71:37:43:c0:1b:b5:3a:ab:9c:8e:e3:
        1f:fe:d1:f9:cd:54:1f:4d:fd:ed:1a:53:61:1b:58:d8:ac:f4:
        e7:f8:c0:36:a7:fc:73:27:22:57:a7:ec:ed:3f:06:c2:61:fe:
        4e:2c:a1:45:d2:8f:87:33:33:92:1a:df:a7:55:c1:13:24:b0:
        7a:8a:b2:b3

13.127.106.12

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

340988842 | 2024-05-02T01:26:12.098647
80 / tcp

Metabase

-1174351762 | 2024-04-26T19:13:14.473983
443 / tcp

Metabase

Products

Pricing

Contact Us

13.127.106.12

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

340988842 | 2024-05-02T01:26:12.098647 80 / tcp

Metabase

-1174351762 | 2024-04-26T19:13:14.473983 443 / tcp

Metabase

Products

Pricing

Contact Us

340988842 | 2024-05-02T01:26:12.098647
80 / tcp

-1174351762 | 2024-04-26T19:13:14.473983
443 / tcp