CONFIDENTIAL//FOR OFFICIAL USE ONLY

AWS Vulnerability Top

Ten Executive Report
Generated on February 1, 2022 at 11:47 AM
CET

Mariano Matute [hlp_matutmar1]

ADIDAS

CONFIDENTIAL//FOR OFFICIAL USE ONLY

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

Table of Contents
About this report ............................................................................................................................................................... 1

Executive Summary ....................................................................................................................................................... 2

Top 10 Remediations .................................................................................................................................................... 4

Top 10 Exploitable Vulnerabilities ................................................................................................................ 5

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

Table of Contents

AWS Vulnerability Top Ten Executive Report i

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

About this report

Organizations have commonly faced vulnerabilities present in user applications such as Java, Flash
and Microsoft Office. Local software installations require time on a continual basis for analysts and
administrators to remediate associated vulnerabilities. Operating system vulnerabilities will always be a
focus of remediation efforts, but client-side vulnerabilities also continue to be a constant source of risk to the
organization.
The landscape of a modern organization includes vulnerabilities from known sources such as operating
systems and client-side software. However, mobile devices and hardware appliances are also potential
sources of vulnerabilities. As organizations continue the path of routine remediation of operating system
and client-side vulnerabilities, other threats may continue to linger in the organization. This report can assist
analysts by giving executive-level information about the top vulnerabilities in the organization. Using this
report, analysts and management can quickly see information relevant to the organization to help assist
them identify and properly deal with vulnerabilities.

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

About this report

AWS Vulnerability Top Ten Executive Report 1

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

Executive Summary
Organizations can best deal with vulnerabilities in the environment when analysts are aware of the threat.
Once analysts are best informed of the vulnerabilities present, analysts and administrators can work
to remediate the vulnerabilities or mitigate the risk. This report helps to illustrate vulnerabilities across
both traditional and new threat vectors. Office productivity software is one example of a traditional threat
vector. New threats to the organization include mobile devices as part of “Bring-Your-Own-Device” (BYOD)
strategies as well as potential data leaks in the environment.
The “Top 10 Most Vulnerable Hosts” table uses vulnerability scores to prioritize hosts and present a top
10 list. The score is assessed from the weights assigned to the vulnerability severity levels. Analysts can
use this information to help form remediation strategies based on the ten most vulnerable hosts in the
organization.

Top 10 Most Vulnerable Hosts

IP Address NetBIOS Name DNS Name Total

10.145.80.14 114
10.145.87.182 115
PPDAPONFSTST1A\PPDAPON
10.145.80.11 62
FSTST1A
10.145.110.68 80
10.145.81.92 ADSCLD\DEVJISSQLSIN2A 51
10.145.112.237 57
10.145.113.187 68
10.145.108.82 70
10.145.60.40 72
10.145.112.82 59

The “Top 10 Most Vulnerable Exploitable Hosts” table element focuses on hosts that have vulnerabilities
that have exploits available. Having two different views of hosts can help articulate the differences of
vulnerabilities present on hosts in the organization.

Top 10 Most Vulnerable Exploitable Hosts

IP Address NetBIOS Name DNS Name Total

10.145.80.14 16
10.145.87.182 16
10.145.104.242 ADSCLD\PRDLDWAPPBJI1A 11
10.145.85.20 ADSCLD\DEVJISWEBSIN2A 13
10.145.104.78 ADSCLD\PRDSTRAPPBJI1A 12
10.145.105.78 8
10.145.112.82 8
10.145.81.92 ADSCLD\DEVJISSQLSIN2A 11
10.145.112.21 8

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

Executive Summary

AWS Vulnerability Top Ten Executive Report 2

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

IP Address NetBIOS Name DNS Name Total

10.145.112.92 8

The “Top 10 Most Vulnerable Subnets” table uses the vulnerability score calculated across a Class C
network range of hosts to build a top ten list. Using this information, analysts can focus their remediation
efforts on the most vulnerable networks.

Top 10 Most Vulnerable Subnets

IP Address Med. High Crit. Total Vulns

10.145.112.0/24 1424 502 123 2049 123502 1424
10.145.104.0/24 1665 526 87 2278 87526 1665
10.145.105.0/24 1452 438 81 1971 81438 1452
10.145.108.0/24 1481 457 51 1989 51
457 1481
10.145.113.0/24 938 368 105 1411 105
368 938
10.145.109.0/24 1323 434 46 1803 46
434 1323
10.145.110.0/24 532 166 20 718 20
166532
10.145.80.0/24 431 100 33 564 33
100
431
10.145.111.0/24 360 116 16 492 16
116360
10.145.16.0/24 303 146 11 460 11
146303

The “Top 10 Most Vulnerable Exploitable Subnets” table element focuses on network subnets with
vulnerabilities that have exploits available. Having two different views of network subnets can help articulate
the differences of vulnerabilities present in network subnets in the organization.

Top 10 Most Vulnerable Exploitable Subnets

IP Address Med. High Crit. Total Vulns

10.145.112.0/24 151 114 11 276 11114 151
10.145.104.0/24 160 151 1 312 1 51 160
10.145.108.0/24 140 133 1 274 1 33 140
10.145.105.0/24 160 117 2 279 2117 160
10.145.109.0/24 121 129 0 250 129 121
10.145.113.0/24 103 77 5 185 577 103
10.145.110.0/24 56 40 3 99 340 56
10.145.80.0/24 73 32 1 106 132 73
10.145.111.0/24 34 29 2 65 229 34
10.145.16.0/24 21 30 0 51 30 21

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

Executive Summary

AWS Vulnerability Top Ten Executive Report 3

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

Top 10 Remediations
The “Top 10 Remediations” chapter presents a list of the top 10 remediations for the organization. The
"Top 10 Remediations" table component is filtered on vulnerabilities with a severity of high or critical. The
component is then sorted by the highest risk reduction percentage assigned for each vulnerability. Each
remediation displays the solution of the vulnerability for remediation, a risk reduction percentage, the number
of hosts affected by the vulnerability and the vulnerability percentage. Vulnerabilities detected with Nessus
and PVS offer remediation guidance to assist analysts. Implementing these remediations will decrease the
vulnerability risk of the organization.

Top 10 Remediations

Risk Reduction Hosts Affected Vulnerability %

Solution: Fix CentOS 7 : libxml2 (CESA-2021:3810)
13.80% 251 4.96%
Solution: Upgrade to a version of Apache Log4j that is currently supported.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilitie
s and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.
apache.org/log4j/2.x/security.html for the latest versions.
7.22% 132 2.61%
Solution: Fix Unix Operating System Unsupported Version Detection
4.95% 90 1.78%
Solution: Fix CentOS 7 : nss (CESA-2021:4904)
4.36% 245 4.84%
Solution: Fix CentOS 7 : sssd (CESA-2021:3336)
3.20% 233 4.60%
Solution: Fix CentOS 7 : samba (CESA-2021:5192)
3.04% 221 4.37%
Solution: Fix CentOS 7 : perl (CESA-2021:0343)
2.97% 216 4.27%
Solution: Fix CentOS 7 : glibc (CESA-2021:0348)
2.91% 212 4.19%
Solution: Fix CentOS 7 : net-snmp (CESA-2020:5350)
2.90% 211 4.17%
Solution: Fix CentOS 7 : expat (CESA-2020:3952)
2.83% 206 4.07%

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

Top 10 Remediations

AWS Vulnerability Top Ten Executive Report 4

 CONFIDENTIAL//FOR OFFICIAL USE ONLY

Top 10 Exploitable Vulnerabilities

The “Top 10 Exploitable Vulnerabilities” chapter displays the top 10 exploitable vulnerabilities on the
network. The list is sorted so that the most critical vulnerability is at the top of the list. For each vulnerability,
the name, severity and the number of hosts affected are shown. Because they are exploitable, analysts may
want to focus on these vulnerabilities as a higher priority than others. Adversaries can use software tools to
initiate attacks against exploitable vulnerabilities.

Top 10 Exploitable Vulnerabilities

Plugin Name Severity Host Total Total

Apache Log4j < 2.15.0 Remote Code Execution (Nix) Critical 90 90
KB5009546: Windows 10 Version 1607 and Windows
Critical 10 10
Server 2016 Security Update (January 2022)
NFS Exported Share Information Disclosure Critical 2 2
Security Updates for Microsoft .NET Framework (January
Critical 1 1
2020)
CentOS 7 : nss (CESA-2021:4904) High 221 221
CentOS 7 : sudo (CESA-2021:0221) High 205 205
CentOS 7 : ppp (CESA-2020:0630) High 155 155
CentOS 7 : libX11 (CESA-2021:3296) High 108 108
MS15-011: Vulnerability in Group Policy Could Allow
High 72 72
Remote Code Execution (3000483)
CentOS 7 : vim (CESA-2019:1619) High 35 35

CONFIDENTIAL//FOR OFFICIAL USE ONLY .

Top 10 Exploitable Vulnerabilities

AWS Vulnerability Top Ten Executive Report 5