GeneralInformation

Hostnames	rbde.rdwf-prod003-us-west-1.razorbill.codedeploy.a2z.com ec2-54-176-3-188.us-west-1.compute.amazonaws.com
Domains	a2z.com amazonaws.com
Cloud Provider	Amazon
Cloud Region	us-west-1
Cloud Service	EC2
Country	United States
City	San Jose
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

JavaScript libraries

jQuery

jQuery UI

Select2

Programming languages

Java

UI frameworks

Bootstrap

Wikis

Atlassian Confluence

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-4027	4.7Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
CVE-2019-3398	8.8Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
CVE-2019-3396	9.8The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
CVE-2019-3395	9.8The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) allows remote attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.
CVE-2019-20406	7.8The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.
CVE-2019-15005	4.3The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulnerable version of the plugin is included with Bitbucket Server / Data Center before 6.6.0, Confluence Server / Data Center before 7.0.1, Jira Server / Data Center before 8.3.2, Crowd / Crowd Data Center before 3.6.0, Fisheye before 4.7.2, Crucible before 4.7.2, and Bamboo before 6.10.2.
CVE-2018-13389	4.7The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
CVE-2017-18086	6.1Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
CVE-2017-18085	6.1The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.
CVE-2017-18084	4.8The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.
CVE-2017-18083	5.4The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.
CVE-2017-16856	6.1The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) vulnerabilities in various rss properties which were used as links without restriction on their scheme.
CVE-2016-6283	6.1Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
CVE-2016-4317	5.4Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
CVE-2015-8399	4.3Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
CVE-2015-8398	6.1Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check.

OpenPorts

4567 6002 6633 9443 50070

384821124 | 2024-04-09T21:28:40.643192

4567 / tcp

HTTP/1.1 200 OK
Date: Tue, 09 Apr 2024 21:28:40 GMT
Server: nginx
X-Confluence-Request-Time: 1712698120
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=aw7agqi4qozyonxcsgwbbgwqkl49v0zj; Path=/; Secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000
Content-Length: 31642

-766336104 | 2024-04-09T22:01:22.821673

6002 / tcp

HTTP/1.1 200 OK
Date: Tue, 09 Apr 2024 22:01:22 GMT
Content-Length: 4680
Content-Type: text/html

384821124 | 2024-04-09T22:24:45.886828

6633 / tcp

HTTP/1.1 200 OK
Date: Tue, 09 Apr 2024 22:24:45 GMT
Server: nginx
X-Confluence-Request-Time: 1712701485
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=aw7agqi4qozyonxcsgwbbgwqkl49v0zj; Path=/; Secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000
Content-Length: 31642

586566355 | 2024-04-17T16:38:36.386032

9443 / tcp

HTTP/1.1 404 Not Found
x-amzn-RequestId: a8af9a01-ef10-40b2-a7f0-eccfb59697bd
Date: Wed, 17 Apr 2024 16:38:36 GMT
Content-Length: 29
connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:54:57:89:48:8c:72:6f:6b:9a:80:eb:c5:ab:79:53
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M01
        Validity
            Not Before: Jan 24 00:00:00 2024 GMT
            Not After : Dec 26 23:59:59 2024 GMT
        Subject: CN=rbde.rdwf-prod003-us-west-1.razorbill.codedeploy.a2z.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8b:24:87:fc:31:ee:df:65:6e:cf:77:22:6b:ee:
                    58:66:95:36:ba:03:01:b6:76:f3:bd:db:fd:dd:c8:
                    a9:36:46:f2:aa:e5:d6:b0:34:f1:0c:15:76:79:da:
                    23:c0:4a:53:e0:ce:26:81:da:94:dd:75:a5:4b:2a:
                    cb:cb:d4:f6:25:20:2a:df:1b:07:b6:9a:fa:5c:a6:
                    8e:aa:bd:90:b0:fd:25:c2:30:87:41:26:82:e8:83:
                    b3:99:c1:bd:1c:b7:c5:b8:42:12:17:bd:62:8e:8b:
                    ab:a7:58:31:95:34:90:2c:9e:ea:bf:9c:3b:44:b1:
                    72:1c:7a:92:dc:d8:df:0d:3d:b1:e5:40:92:31:39:
                    95:94:06:10:c8:30:e5:bb:86:30:5c:cc:6d:b9:c5:
                    69:3c:7c:5d:13:dd:16:67:a9:c0:57:a1:02:a6:ea:
                    57:98:8d:11:48:27:b5:ee:f2:fe:1d:a6:e2:ca:4a:
                    d5:57:bc:9c:43:69:5d:6c:1f:7b:0b:b8:c1:52:1a:
                    bc:59:5e:f2:15:c1:58:39:eb:14:53:1b:ba:de:35:
                    2a:ff:ac:96:37:73:18:88:7b:48:20:7b:df:6c:86:
                    76:5b:3b:7e:32:61:b1:42:dc:bf:cc:6c:a1:bd:0b:
                    b1:6e:f6:6e:a6:47:c7:02:04:f8:04:b6:20:8b:bd:
                    e0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                81:B8:0E:63:8A:89:12:18:E5:FA:3B:3B:50:95:9F:E6:E5:90:13:85
            X509v3 Subject Key Identifier: 
                1F:D3:06:93:40:6B:9E:A9:BD:09:7E:71:0D:97:02:DE:4F:6D:AC:C6
            X509v3 Subject Alternative Name: 
                DNS:rbde.rdwf-prod003-us-west-1.razorbill.codedeploy.a2z.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m01.amazontrust.com/r2m01.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m01.amazontrust.com
                CA Issuers - URI:http://crt.r2m01.amazontrust.com/r2m01.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jan 24 09:16:08.168 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2F:95:BE:DB:4F:80:0D:6F:C6:E1:03:D2:
                                56:73:58:42:CA:4E:39:F0:CD:64:45:5A:22:35:28:36:
                                24:DB:71:51:02:20:4D:69:4D:37:98:80:06:26:4D:E5:
                                41:BC:6C:85:F7:A6:36:3B:3F:3B:66:6C:5F:53:8C:3D:
                                2D:D9:12:B9:BA:C0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jan 24 09:16:08.144 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:25:B4:2B:8A:3A:02:7C:D2:4E:A2:6E:B3:
                                45:BC:12:F3:A3:D3:5C:3E:17:E4:15:43:4F:DA:12:31:
                                0B:EA:A7:E8:02:21:00:8A:4F:1E:D2:01:49:8C:AB:C0:
                                D4:BE:AE:9C:DC:85:FA:10:BF:DD:4A:F8:F1:FD:D2:3A:
                                87:45:BE:4E:D6:54:CA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Jan 24 09:16:08.136 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:73:E6:47:F6:5B:40:36:28:D2:0C:40:72:
                                5E:59:75:C6:0A:B0:62:F6:57:98:21:FA:6D:12:60:D1:
                                7A:6E:61:DC:02:20:3A:B5:ED:17:29:BC:35:46:C5:1D:
                                A2:1E:73:3E:CA:70:C9:77:DB:EB:3D:1E:34:46:AF:2D:
                                C5:9E:E6:CD:09:B0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2b:34:b2:b3:c1:ed:bb:ec:25:71:16:ed:c2:6e:eb:3d:96:57:
        7c:f1:44:a4:ae:a6:fa:56:af:65:1a:06:aa:87:1a:02:ec:aa:
        9b:f8:39:d8:a5:84:cc:00:0b:79:7c:2c:6b:5e:a7:a1:a1:29:
        91:1d:8c:53:73:bd:c5:3a:40:fa:03:51:74:fb:0a:49:e7:1b:
        2a:a6:81:28:32:48:f0:d7:5e:01:bf:3c:5b:50:88:3e:71:de:
        22:cf:3c:97:49:84:7e:f6:9c:a7:40:8e:1b:86:bb:46:73:15:
        c5:e3:34:74:b1:b7:46:2f:52:39:6b:36:f7:0b:b1:2d:56:2f:
        9e:83:fe:7e:76:9b:b9:27:9a:e0:03:b2:71:c8:d4:ba:ba:37:
        3c:52:91:47:30:ad:f0:a6:f4:9f:91:c1:9e:bc:80:0e:c0:66:
        ae:a1:66:bf:69:e8:f5:c4:b4:ee:a9:16:c7:b7:ba:e5:0c:61:
        72:4c:02:0d:dc:83:53:a3:f7:7d:0c:32:b8:2c:dd:de:c4:58:
        cc:4a:13:eb:59:7a:6f:ef:19:99:33:ef:ac:ea:91:23:be:e4:
        28:e2:e9:ba:19:56:9b:68:63:58:5f:68:1a:6b:cb:70:1d:53:
        f2:59:56:85:95:e9:c0:93:75:7d:a3:34:7a:50:40:8f:39:d0:
        a5:e7:35:31

1202676200 | 2024-04-09T21:46:46.884180

50070 / tcp

HTTP/1.1 200 OK
Date: Tue, 09 Apr 2024 21:46:46 GMT
Server: Apache
Expires: Tue, 09 Apr 2024 21:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: kboxid=ywhitj14ln3hiqeiu4ups3yh8a5u5reg; path=/; secure; HttpOnly; SameSite=Lax
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Access-Control-Allow-Headers: x-kace-auth-timestamp, x-kace-auth-key, x-kace-auth-signature, accept, origin, content-type
Access-Control-Allow-Methods: PUT, DELETE, POST, GET, OPTIONS
X-Kace-Appliance: K1000
X-Ua-Compatible: IE=9,EDGE
Content-Length: 8986
Content-Type: text/html

54.176.3.188

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

384821124 | 2024-04-09T21:28:40.643192
4567 / tcp

nginx

-766336104 | 2024-04-09T22:01:22.821673
6002 / tcp

384821124 | 2024-04-09T22:24:45.886828
6633 / tcp

nginx

586566355 | 2024-04-17T16:38:36.386032
9443 / tcp

1202676200 | 2024-04-09T21:46:46.884180
50070 / tcp

Products

Pricing

Contact Us

54.176.3.188

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

384821124 | 2024-04-09T21:28:40.643192 4567 / tcp

nginx

-766336104 | 2024-04-09T22:01:22.821673 6002 / tcp

384821124 | 2024-04-09T22:24:45.886828 6633 / tcp

nginx

586566355 | 2024-04-17T16:38:36.386032 9443 / tcp

1202676200 | 2024-04-09T21:46:46.884180 50070 / tcp

Products

Pricing

Contact Us

384821124 | 2024-04-09T21:28:40.643192
4567 / tcp

-766336104 | 2024-04-09T22:01:22.821673
6002 / tcp

384821124 | 2024-04-09T22:24:45.886828
6633 / tcp

586566355 | 2024-04-17T16:38:36.386032
9443 / tcp

1202676200 | 2024-04-09T21:46:46.884180
50070 / tcp