GeneralInformation

Hostnames	ec2-18-140-162-123.ap-southeast-1.compute.amazonaws.com gameqoo.id
Domains	amazonaws.com gameqoo.id
Cloud Provider	Amazon
Cloud Region	ap-southeast-1
Cloud Service	EC2
Country	Singapore
City	Singapore
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-2183	Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
CVE-2022-39324	Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.
CVE-2022-39307	Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.
CVE-2022-39306	Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.
CVE-2022-39229	Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.
CVE-2022-39201	Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.
CVE-2022-36062	Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.
CVE-2022-35957	Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
CVE-2022-31130	Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.
CVE-2022-31123	Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.
CVE-2022-31107	Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.
CVE-2022-31097	Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.
CVE-2022-23552	Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.
CVE-2022-23498	Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

443

-2029888027 | 2024-04-18T10:49:39.665060

443 / tcp

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 10:49:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:a1:ae:de:64:1a:27:c1:01:c8:07:3d:3f:4f:ba:a3
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct  6 23:59:59 2024 GMT
        Subject: CN=*.gameqoo.id
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8b:12:ed:75:b5:3c:fb:57:cf:e1:6f:7e:f6:95:
                    73:9b:6e:54:c4:28:e3:ec:aa:3e:64:93:e5:e7:7b:
                    51:40:00:b1:54:8e:60:84:37:bc:76:3b:be:66:a5:
                    35:4b:94:83:70:ea:b2:82:ce:a3:87:bd:54:71:73:
                    48:9b:e5:03:a8:cc:96:f7:18:c8:50:69:aa:8d:6a:
                    54:1b:78:fb:a7:39:a1:aa:60:14:4f:7e:53:77:e7:
                    33:4c:40:03:c7:d3:9e:56:b9:6c:8e:cb:d5:50:b2:
                    91:a7:4c:e4:f7:cb:09:04:f2:35:f5:6e:f2:63:a3:
                    ae:a1:ef:93:2e:55:6e:64:54:09:44:8f:9a:98:4f:
                    7a:57:15:55:d2:17:c4:5a:23:ba:5e:d7:d0:51:53:
                    9e:09:47:4d:fe:d7:44:b0:9b:ac:a9:2a:fd:8e:48:
                    14:0a:84:91:64:cb:da:c9:7d:90:65:1c:bc:7a:a7:
                    00:0b:dd:3f:0c:14:d9:8c:6f:55:cd:d9:51:7e:4b:
                    e7:39:fb:7b:cf:b2:c8:a2:a3:3d:0a:b4:9f:aa:d8:
                    bc:12:f6:9d:36:d9:29:e8:b0:a6:52:1f:f8:1a:e4:
                    de:2a:ce:5d:b0:76:55:02:a9:93:10:55:37:9a:e6:
                    7c:87:49:9e:36:f3:a2:0a:ec:16:94:34:67:59:5b:
                    5d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                D4:47:6A:1D:9F:67:6A:1F:0E:17:38:F1:4E:D6:22:0B:BC:AD:05:53
            X509v3 Subject Alternative Name: 
                DNS:*.gameqoo.id, DNS:gameqoo.id
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Sep  9 00:26:45.705 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B6:13:EA:8D:3D:4F:48:22:0A:E9:AB:
                                12:06:4F:F1:7D:5B:90:1B:F1:3B:FE:C9:77:B4:9A:71:
                                F4:20:3E:C6:5C:02:21:00:8E:E9:F6:1F:D3:E0:B4:A1:
                                6A:15:93:59:22:AA:41:57:2A:90:0B:42:47:7B:5B:FF:
                                8D:26:26:01:18:31:5B:F2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Sep  9 00:26:45.767 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E8:6C:29:6A:10:FB:C4:92:7D:A9:F7:
                                12:FF:0F:C4:69:83:55:F2:9E:17:19:9E:DA:88:9A:1B:
                                A6:15:CA:04:91:02:20:78:18:92:36:6B:D4:00:A0:65:
                                A6:FA:7E:08:17:74:6C:05:58:42:D1:43:66:CD:F1:F9:
                                3A:17:BA:B0:EB:A9:77
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Sep  9 00:26:45.675 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3C:B3:80:F3:4C:91:6C:EA:6A:A7:68:BB:
                                D2:06:53:D1:23:4E:17:51:5B:EA:D1:E4:79:82:BF:6D:
                                EE:07:51:37:02:21:00:B7:9D:38:39:74:26:EF:1A:51:
                                05:D1:80:A6:6B:22:50:C8:F0:5B:D1:FD:DD:40:81:F9:
                                D0:98:8E:E3:3A:0D:9E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        10:b8:5e:60:e6:1f:1c:62:5a:c5:56:c3:c2:78:17:38:45:fd:
        97:63:fa:82:35:7e:7d:66:d3:4e:d5:9e:dd:56:74:6a:3b:fd:
        b3:39:f9:d2:9e:a2:c7:74:09:d7:45:2a:f5:42:0a:aa:26:79:
        79:2d:d8:26:f1:50:4c:6d:23:15:f4:e4:6a:32:18:26:7a:ce:
        1d:8b:ce:58:d2:29:e6:af:93:21:f4:87:c2:5d:72:4b:33:af:
        c5:3d:2a:4a:4c:6f:2e:95:22:93:e4:a8:21:c8:e8:d7:d5:03:
        3e:bb:46:1a:19:6d:b1:e0:0b:bf:b4:0b:47:7b:08:ff:e3:2b:
        45:9a:8c:46:0e:ea:76:11:0d:0d:02:4a:00:94:55:d0:4b:98:
        bf:6f:3e:fe:2e:85:6b:3a:7e:45:0c:62:ee:42:83:07:d5:aa:
        e9:7d:db:c7:8b:24:a8:be:a7:ec:44:16:d8:03:9a:6f:5d:4c:
        97:4c:18:fd:70:59:80:a4:72:89:33:dd:be:f5:56:af:07:ac:
        b3:ca:89:f7:0a:57:1e:5e:11:3a:7a:45:21:d4:58:6b:e3:32:
        0f:bc:cf:2f:cc:27:08:8e:3d:6b:62:68:c1:02:39:af:34:7c:
        f4:4a:1b:67:c2:9e:15:b6:95:c7:b1:43:ab:eb:ab:8b:c6:11:
        60:c5:5e:48

18.140.162.123

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2029888027 | 2024-04-18T10:49:39.665060
443 / tcp

Grafana (Open Source)9.0.1

Products

Pricing

Contact Us

18.140.162.123

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2029888027 | 2024-04-18T10:49:39.665060 443 / tcp

Grafana (Open Source)9.0.1

Products

Pricing

Contact Us

-2029888027 | 2024-04-18T10:49:39.665060
443 / tcp