GeneralInformation

Hostnames	vps-777de942.vps.ovh.net vianpe.pt bws.vianpe.pt www.vianpe.pt
Domains	ovh.net vianpe.pt
Country	France
City	Strasbourg
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(21)

CVE-2024-21171

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21102

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21101

2.2Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

CVE-2024-21096

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

CVE-2024-21090

7.5Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21087

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21069

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21062

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21061

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21047

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20985

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20981

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20977

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20975

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20973

CVE-2024-20971

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20969

5.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVE-2024-20967

5.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVE-2024-20965

CVE-2024-20963

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-20961

2023(11)

CVE-2023-22114

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-22103

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-22097

CVE-2023-22095

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-22084

4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-22032

OpenPorts

80 443 3000 3306

80 / tcp

1787423254 | 2025-02-26T23:41:18.428367

Hashes

hash

-45217457

http.dom_hash

1239617585

http.html_hash

1787423254

http.server_hash

-1097237905

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 26 Feb 2025 23:41:18 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

443 / tcp

302949206 | 2025-02-24T08:03:43.811264

Hashes

hash

171849539

http.dom_hash

-723686037

http.html_hash

302949206

http.server_hash

-1097237905

http.title_hash

416463820

VIANPE BWS Portal

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 24 Feb 2025 08:03:43 GMT
Content-Type: text/html
Content-Length: 466
Connection: keep-alive
Last-Modified: Sat, 06 Jan 2024 14:54:33 GMT
ETag: "659969a9-1d2"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ab:09:e5:b7:04:2b:b7:91:14:7b:6f:1a:73:9b:dc:c2:92
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E5
        Validity
            Not Before: Jan 27 09:09:55 2025 GMT
            Not After : Apr 27 09:09:54 2025 GMT
        Subject: CN=vianpe.pt
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:cd:80:c9:d1:85:28:14:41:f8:ee:e7:71:b0:19:
                    a4:7e:35:f1:86:c4:71:c7:ca:d7:a7:25:3f:08:2c:
                    cd:aa:1f:8b:2d:c1:3f:37:f0:d0:34:56:f4:35:df:
                    81:ab:3b:06:f8:a4:0b:5a:50:32:b7:64:8b:8d:05:
                    85:5e:f4:04:e2
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                AE:10:4D:3D:A8:58:BA:86:3C:1F:8B:44:30:DF:6D:70:2B:99:5D:7C
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bws.vianpe.pt, DNS:vianpe.pt, DNS:www.vianpe.pt
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 27 10:08:25.391 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:24:45:6F:BA:40:22:F0:68:42:61:0F:26:
                                87:65:0D:E2:82:F5:65:BE:99:DC:6C:EF:6D:26:F9:2E:
                                5A:EC:4B:FB:02:21:00:8C:F1:28:34:1B:4F:43:AC:A8:
                                AF:1A:27:96:B4:E9:05:6F:2E:B5:47:E1:55:5B:25:83:
                                61:5D:CB:56:2B:D9:14
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Jan 27 10:08:25.416 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:43:02:1F:1A:B0:FD:6E:6A:F4:AF:EC:6E:C3:12:2C:
                                9B:DC:47:7A:2F:26:D2:E1:F7:91:D8:2A:57:E2:A2:DD:
                                5F:DB:59:02:20:2B:72:57:0C:D6:FF:75:E3:23:46:8C:
                                35:26:31:0C:BF:63:97:72:BE:6B:5D:D1:79:AA:0B:54:
                                20:40:C2:BA:86
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:64:02:30:32:6a:89:2b:10:f2:3f:67:ef:60:b1:60:27:85:
        d9:b8:f7:f2:4e:fc:c4:69:d6:a4:84:b6:18:24:4e:06:0f:9a:
        e1:dc:2a:3e:d5:13:f7:95:b2:9d:1e:44:59:3d:74:85:02:30:
        79:a3:c8:01:dc:4d:a9:69:d4:89:05:8f:d1:8e:c8:11:1d:23:
        1c:fe:b3:33:ae:22:d8:cd:57:24:4f:28:cb:45:5c:b0:37:1a:
        52:f1:29:37:bf:4c:32:7f:2e:a3:5e:71

3000 / tcp

302949206 | 2025-02-28T11:23:15.406674

Hashes

hash

287536967

http.dom_hash

-723686037

http.html_hash

302949206

http.server_hash

702752394

http.title_hash

416463820

VIANPE BWS Portal

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 28 Feb 2025 11:23:15 GMT
Content-Type: text/html
Content-Length: 466
Last-Modified: Sat, 06 Jan 2024 14:54:33 GMT
Connection: keep-alive
ETag: "659969a9-1d2"
Accept-Ranges: bytes

3306 / tcp

-1042227101 | 2025-02-28T04:15:21.186428

MySQL:
  Protocol Version: 10
  Version: 8.1.0
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

Vulnerabilities

1 30 1

51.91.100.253

Last Seen: 2025-02-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

80 / tcp

1787423254 | 2025-02-26T23:41:18.428367

Hashes

nginx1.22.0

443 / tcp

302949206 | 2025-02-24T08:03:43.811264

Hashes

nginx1.22.0

3000 / tcp

302949206 | 2025-02-28T11:23:15.406674

Hashes

nginx1.25.3

3306 / tcp

-1042227101 | 2025-02-28T04:15:21.186428

MySQL8.1.0

Products

Pricing

Contact Us

51.91.100.253

Last Seen: 2025-02-28

Tags:

GeneralInformation

Vulnerabilities All ports Port 3306 Latest CVSS

OpenPorts

80 / tcp 1787423254 | 2025-02-26T23:41:18.428367

Hashes

nginx1.22.0

443 / tcp 302949206 | 2025-02-24T08:03:43.811264

Hashes

nginx1.22.0

3000 / tcp 302949206 | 2025-02-28T11:23:15.406674

Hashes

nginx1.25.3

3306 / tcp -1042227101 | 2025-02-28T04:15:21.186428

MySQL8.1.0

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1787423254 | 2025-02-26T23:41:18.428367

443 / tcp

302949206 | 2025-02-24T08:03:43.811264

3000 / tcp

302949206 | 2025-02-28T11:23:15.406674

3306 / tcp

-1042227101 | 2025-02-28T04:15:21.186428