Healthix Vulnerability and Penetration Testing Report

 

Ref: 2020 W 5.2.1
Observation: Database Credential in Error Message
Logging in at http://104.248.143.105:8000/api/admin/ takes a long time to respond and eventually fails with an error page. The error page is a verbose debug response that includes the application's database credentials.
Impact: An attacker who triggers the same error obtains valid database credentials and can use them to connect to the database and read or modify the data it holds.
Risk Rating: (not given)
Recommendation: Disable debug mode on the application so that errors return a generic page without internal details, treat the exposed database credentials as compromised and rotate them, and investigate and correct the slow response that precedes the error.

Ref: 2020 W 5.2.2
Observation: Debug enabled on http://104.248.143.105:8000/
Visiting the URL above returns a page that lists paths (routes) the server recognises instead of a generic error page. Such pages are only produced when the application runs with debug mode enabled.
Impact: The listed paths and the other details on the debug page give an attacker a map of the application that makes further attacks easier.
Risk Rating: (not given)
Recommendation: Disable debug mode on the application and confirm that error pages no longer disclose internal details.
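Findings 5.2.1 and 5.2.2 both come down to one check: does an error or not-found response from the application expose debug output, and does that output contain credentials? The following is an added example, not part of the original report, showing how a tester would automate that check and record leaked credentials in masked form. The sample response body is constructed for the demo (not captured from the target), and the marker strings and regular expressions are the author's assumptions about what verbose framework debug pages usually contain.

```python
import re
import urllib.error
import urllib.request
from dataclasses import dataclass, field

# Strings that commonly appear in verbose framework debug/traceback pages and
# never belong in a production error response (assumed markers, not exhaustive).
DEBUG_MARKERS = (
    "Traceback (most recent call last)",
    "DEBUG = True",
    "Using the URLconf defined in",
    "Request information",
)

# Credential-shaped content: database connection URLs with an embedded password,
# and PASSWORD/SECRET style settings dumped together with their values.
DB_URL_RE = re.compile(
    r"\b(?:postgres(?:ql)?|mysql|mariadb|mongodb|redis|mssql)://([^:/\s]+):([^@\s]+)@([^\s'\"<>]+)",
    re.IGNORECASE,
)
SECRET_KV_RE = re.compile(
    r"['\"]?(PASSWORD|PASSWD|SECRET_KEY|DB_PASS\w*)['\"]?\s*[:=]\s*['\"]([^'\"\s]{4,})['\"]",
    re.IGNORECASE,
)


@dataclass
class LeakReport:
    debug_markers: list = field(default_factory=list)
    credentials: list = field(default_factory=list)  # masked, safe to paste into a report

    @property
    def debug_enabled(self) -> bool:
        return bool(self.debug_markers)

    @property
    def leaks_credentials(self) -> bool:
        return bool(self.credentials)


def analyse_body(body: str) -> LeakReport:
    """Inspect an HTTP response body for debug output and leaked credentials."""
    report = LeakReport()
    report.debug_markers = [m for m in DEBUG_MARKERS if m in body]
    for m in DB_URL_RE.finditer(body):
        user, secret, host = m.groups()
        report.credentials.append(f"{user}:{'*' * len(secret)}@{host}")  # never store the secret itself
    for m in SECRET_KV_RE.finditer(body):
        name, secret = m.groups()
        report.credentials.append(f"{name}={'*' * len(secret)}")
    return report


def fetch_and_analyse(url: str, timeout: float = 60.0) -> tuple:
    """Fetch a URL (error statuses included) and analyse the body.

    The timeout is generous on purpose: the endpoint in finding 5.2.1 responds
    slowly before it fails, and a short timeout would miss the error page.
    """
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            status, body = resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        status, body = err.code, err.read().decode("utf-8", "replace")
    return status, analyse_body(body)


# Constructed sample of a verbose error page (not captured from the target).
SAMPLE_DEBUG_PAGE = """<title>OperationalError at /api/admin/</title>
Traceback (most recent call last):
  File "db/backends/base.py", line 185, in get_new_connection
    connection = Database.connect(**conn_params)
conn_params = {'dbname': 'healthix', 'user': 'app', 'password': 'Sup3rS3cret!'}
DATABASE_URL = 'postgres://app:Sup3rS3cret!@db.internal:5432/healthix'
You're seeing this error because you have DEBUG = True in your settings file.
"""

# Constructed sample of what a hardened deployment should return instead.
SAMPLE_PRODUCTION_PAGE = "<h1>Server Error (500)</h1>"

if __name__ == "__main__":
    for body in (SAMPLE_DEBUG_PAGE, SAMPLE_PRODUCTION_PAGE):
        r = analyse_body(body)
        print(f"debug={r.debug_enabled} credentials={r.credentials}")
```

Run `fetch_and_analyse("http://104.248.143.105:8000/api/admin/")` against the target to reproduce the finding, and again after the fix: a hardened deployment should yield no debug markers and an empty credentials list. Only masked values are kept so the output can go into the report without re-leaking the secret.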

Ref: 2020 W 5.2.3
Observation: SSH and other ports found on the server
The hosts 104.248.143.105, 104.236.39.170 and 104.236.37.64 expose ports 22 (SSH), 53 (DNS), 443 (HTTPS) and others to the internet.
Impact: Internet-exposed SSH is subject to password brute-force attacks, and a successful guess gives the attacker shell access to the host. Every additional exposed service enlarges the attack surface; if the DNS service on port 53 answers recursive queries from arbitrary clients, it can also be abused as an amplifier in denial-of-service attacks against third parties.
Risk Rating: (not given)
Recommendation: Close or firewall every port that is not required. Restrict SSH to trusted source addresses and enforce key-based authentication, and verify that the DNS service on port 53 only answers the clients it is meant to serve.

 

 

 


Ref: 2020 W 5.2.4
Observation: GraphQL Console Enabled
The endpoint http://104.248.143.105:8000/api/graphql serves a GraphQL web console that is reachable without credentials, and the console lets a visitor submit GraphQL queries to the server.
Impact: An attacker can use the console to enumerate the API (the full schema is typically obtained through introspection, which such consoles rely on) and to issue arbitrary queries and mutations without authenticating.
Risk Rating: (not given)
Recommendation: Disable the console in production or restrict it to authenticated administrators, require authentication on the GraphQL endpoint itself, and disable schema introspection for unauthenticated callers.
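To show what an unauthenticated caller actually learns from finding 5.2.4, here is an added example (not part of the original report) that detects a served console page, sends the introspection query the console itself depends on, and summarises the exposed queries, mutations and object types. The replies used for the offline demo are constructed, not captured from the target, and the console marker strings are the author's assumptions about common GraphQL console pages.

```python
import json
import urllib.error
import urllib.request

# Standard introspection query: a GraphQL console issues one like it to fill
# its documentation pane, so if the console works, so does this request.
INTROSPECTION_QUERY = """
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    types { name kind fields { name } }
  }
}
"""

# Assumed markers for common browser consoles served on a GraphQL endpoint.
CONSOLE_MARKERS = ("GraphiQL", "GraphQL Playground", "Apollo Sandbox")


def console_served(html: str) -> bool:
    """True if a plain GET on the endpoint returned an interactive console page."""
    return any(marker in html for marker in CONSOLE_MARKERS)


def summarise_schema(reply: dict) -> dict:
    """Turn an introspection reply into what an unauthenticated caller learned."""
    schema = (reply.get("data") or {}).get("__schema")
    if schema is None:
        return {"introspection": False,
                "errors": [e.get("message", "") for e in reply.get("errors", [])]}
    # Drop the __Schema/__Type meta types; they are the same for every server.
    types = {t["name"]: t for t in schema["types"] if not t["name"].startswith("__")}
    root_names = set()

    def root_fields(ref):
        if not ref:
            return []
        root_names.add(ref["name"])
        return sorted(f["name"] for f in (types.get(ref["name"]) or {}).get("fields") or [])

    queries = root_fields(schema.get("queryType"))
    mutations = root_fields(schema.get("mutationType"))
    return {
        "introspection": True,
        "queries": queries,
        "mutations": mutations,
        "object_types": sorted(n for n, t in types.items()
                               if t["kind"] == "OBJECT" and n not in root_names),
    }


def probe(url: str, timeout: float = 30.0) -> dict:
    """POST the introspection query with no credentials and summarise the reply."""
    req = urllib.request.Request(
        url,
        data=json.dumps({"query": INTROSPECTION_QUERY}).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return summarise_schema(json.load(resp))
    except urllib.error.HTTPError as err:  # e.g. 400 when introspection is refused
        return summarise_schema(json.loads(err.read().decode("utf-8", "replace")))


# Constructed reply (not captured from the target) from an open endpoint.
SAMPLE_OPEN_REPLY = {"data": {"__schema": {
    "queryType": {"name": "Query"},
    "mutationType": {"name": "Mutation"},
    "types": [
        {"name": "Query", "kind": "OBJECT", "fields": [{"name": "patients"}, {"name": "encounters"}]},
        {"name": "Mutation", "kind": "OBJECT", "fields": [{"name": "updatePatient"}]},
        {"name": "Patient", "kind": "OBJECT", "fields": [{"name": "id"}, {"name": "ssn"}]},
        {"name": "String", "kind": "SCALAR", "fields": None},
        {"name": "__Schema", "kind": "OBJECT", "fields": []},
    ],
}}}

# Constructed reply from a hardened endpoint with introspection disabled.
SAMPLE_CLOSED_REPLY = {"errors": [{"message": "GraphQL introspection is not allowed"}], "data": None}

if __name__ == "__main__":
    print(summarise_schema(SAMPLE_OPEN_REPLY))
    print(summarise_schema(SAMPLE_CLOSED_REPLY))
```

Against the live target, `probe("http://104.248.143.105:8000/api/graphql")` reproduces the finding; after the recommended fix the same call should return `introspection: False` (or be refused outright by an authentication check), and a GET on the endpoint should no longer satisfy `console_served`.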

 

 

Evidence

Screenshots for each finding (not reproduced in this copy of the report):

1. Database Credential in Error Message
2. Debug enabled on http://104.248.143.105:8000/
3. SSH and other ports found on the server
4. GraphQL Console Enabled




This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/