GeneralInformation

Hostnames	ec2-52-42-158-249.us-west-2.compute.amazonaws.com stg.vubiquity.com
Domains	amazonaws.com vubiquity.com
Cloud Provider	Amazon
Cloud Region	us-west-2
Cloud Service	EC2
Country	United States
City	Boardman
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11710

7.5An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1) Inaccurate Bug Scope - The issue scope was on Kong's docker-compose template, and not Kong's docker image itself. In reality, this issue is not associated with any version of the Kong gateway. As such, the description stating ‘An issue was discovered in docker-kong (for Kong) through 2.0.3.’ is incorrect. This issue only occurs if a user decided to spin up Kong via docker-compose without following the security documentation. The docker-compose template is meant for users to quickly get started with Kong, and is meant for development purposes only. 2) Incorrect Patch Links - The CVE currently points to a documentation improvement as a “Patch” link: https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611.This link actually points to an improvement Kong Inc made for fool-proofing. However, instructions for how to protect the admin API were already well-documented here: https://docs.konghq.com/2.0.x/secure-admin-api/#network-layer-access-restrictions , which was first published back in 2017 (as shown in this commit: https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949) Lastly, the hyperlink to https://github.com/Kong/kong (an unrelated Github Repo to this issue) on the Hyperlink list does not include any meaningful information on this topic.

OpenPorts

443

-1903379194 | 2024-05-19T02:15:13.452895

443 / tcp

HTTP/1.1 404 Not Found
Date: Sun, 19 May 2024 02:15:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 48
Connection: keep-alive
X-Kong-Response-Latency: 1
Server: kong/1.5.1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:ef:c9:d9:3e:6c:b6:0d:77:df:ab:6f:93:04:be:17
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Nov 10 00:00:00 2023 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: C=US, ST=California, L=Burbank, O=Vubiquity, Inc., CN=*.stg.vubiquity.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:cd:22:de:12:c0:fb:03:cc:1e:28:2c:13:48:
                    d5:8c:9b:71:8b:c5:36:87:6b:e1:4b:e7:ac:4c:ff:
                    e2:67:89:22:6e:1c:c3:e9:f1:5e:7c:01:b6:2a:3a:
                    00:26:64:22:15:25:72:02:a7:38:49:d9:43:3f:12:
                    de:97:b1:bd:48:68:7d:5e:b6:06:b6:0b:f1:db:d0:
                    14:22:30:8c:84:2c:7a:93:86:05:17:05:80:93:ab:
                    7b:08:f8:6a:f0:e6:8d:be:7c:05:fe:7d:97:8e:d1:
                    5d:35:15:d9:82:a9:b5:1f:fa:98:f6:a2:c5:4d:2e:
                    ab:fe:09:52:6f:9c:3a:96:70:d4:18:a8:1c:d6:59:
                    02:dc:91:48:7f:6c:21:6b:f9:80:60:de:f4:bf:a3:
                    22:7c:55:21:8b:d1:32:8b:6b:cd:2e:d2:86:33:62:
                    bc:1b:76:88:a3:20:3d:6b:f3:af:ba:88:ba:51:41:
                    6f:69:f0:6e:e1:1c:97:8a:5d:e6:2d:aa:67:00:7c:
                    1b:03:7a:15:e6:99:8c:ba:e4:2e:80:de:19:e6:ea:
                    0f:1a:7d:b0:a9:1a:76:20:15:5a:47:8d:0a:a7:bc:
                    04:b1:3e:57:a3:1b:4c:e5:f1:d7:8d:9a:52:9c:fe:
                    97:4b:86:f0:1c:78:cc:7a:ff:31:76:0a:cd:7d:b5:
                    e7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17
            X509v3 Subject Key Identifier: 
                41:2F:5B:C8:41:DC:2E:79:FE:A6:62:34:66:52:6C:76:E9:5E:A1:F4
            X509v3 Subject Alternative Name: 
                DNS:*.stg.vubiquity.com, DNS:stg.vubiquity.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
                Full Name:
                  URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 10 11:31:57.699 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1D:25:2A:FC:FD:74:34:8E:2B:10:54:66:
                                3C:7D:63:4E:28:1A:7A:18:52:3A:69:E6:9B:A2:CF:FA:
                                0B:D9:05:61:02:20:78:25:9E:7F:F5:19:61:2A:0B:2B:
                                F5:AC:D3:3D:B9:8B:B5:74:53:7B:65:87:C1:75:3D:68:
                                EE:BF:92:D1:D3:F0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 10 11:31:57.710 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D0:F7:FA:BD:89:40:47:4B:C4:8B:79:
                                6B:A2:92:E8:4A:5D:B7:BE:52:66:C5:3E:D8:3E:92:7E:
                                60:64:0E:79:B5:02:20:47:FF:27:B9:56:62:AD:CE:36:
                                82:E7:DC:4F:C0:55:DB:0E:6E:DD:26:2C:43:23:BC:EC:
                                30:FC:3C:6A:96:E1:88
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Nov 10 11:31:57.803 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CE:87:17:85:8D:DD:BD:84:64:A4:85:
                                51:E7:7E:9D:C3:18:11:91:00:24:66:6A:03:A4:11:DD:
                                C3:28:25:DE:53:02:20:6D:2E:00:BD:34:60:EF:DB:4F:
                                C3:0B:67:3D:19:51:46:76:C0:3B:05:4D:8C:D0:A0:E2:
                                C6:A0:F1:29:17:2C:2C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        80:ce:77:45:1e:ea:6c:fe:c4:5b:87:51:76:f5:6c:de:8d:0a:
        5e:0f:76:54:45:38:98:ba:3b:85:46:13:c5:65:8b:2f:15:a1:
        e0:a3:66:f0:22:28:80:27:90:ab:29:87:a2:7b:46:63:fd:37:
        a8:79:98:ef:6e:17:43:64:fc:02:e8:40:69:ac:ab:e1:13:0f:
        57:b0:a4:28:31:27:c2:7f:90:e1:33:ed:82:aa:a8:7e:96:b5:
        2b:00:4e:4e:1d:41:03:a6:d2:d5:c4:b5:53:31:0c:e3:94:57:
        5f:6c:97:ce:e5:c2:b3:43:04:83:e9:13:e0:6c:af:7b:6a:58:
        b0:8c:4f:39:c0:e8:d5:71:e7:d4:ce:7f:35:79:21:29:8a:72:
        94:dc:eb:5a:85:e8:12:da:eb:03:75:e4:2e:4c:5f:6c:15:0f:
        9e:de:2c:dd:26:49:d0:b9:c1:ca:71:44:43:54:29:87:4a:6e:
        d3:08:2c:d3:2f:0d:13:f9:8a:71:7d:77:e4:9f:a3:99:64:87:
        a4:05:1e:76:0d:db:15:65:28:ae:40:d9:9a:7c:59:f4:e8:20:
        22:10:10:37:16:f5:0a:d1:17:f8:99:4e:14:65:9b:51:da:49:
        25:ab:b7:9d:4a:9d:2c:05:85:87:ce:c1:5b:c4:0a:78:e9:77:
        85:4f:38:f4

52.42.158.249

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1903379194 | 2024-05-19T02:15:13.452895
443 / tcp

Kong Gateway1.5.1

Products

Pricing

Contact Us

52.42.158.249

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1903379194 | 2024-05-19T02:15:13.452895 443 / tcp

Kong Gateway1.5.1

Products

Pricing

Contact Us

-1903379194 | 2024-05-19T02:15:13.452895
443 / tcp