10.247.12.

7
December 02, 2024

Report Summary
User Name: Anand Pandey
Company: NIC -NDCSP
User Role: Manager
Address: BLOCK 3, Ist Floor NDC, Delhi IT Park Shastri Park
City: New Delhi
State: Delhi
Zip: 110053
Country: India
Created: 02 Dec 2024 07:37:27 PM (GMT+0530)
Template Title: NIC report template
Asset Groups: -
IPs: 10.247.12.7
Sort by: Host
Trend Analysis: Latest vulnerability data
Date Range: 01 Jan 1999 - 02 Dec 2024
Active Hosts: 1
Hosts Matching Filters: 1

Summary of Vulnerabilities

Vulnerabilities Total 1 Security Risk (Avg) 4.0 Business Risk 36/100

by Severity
Severity Confirmed Potential Information Gathered Total
5 0 - - 0
4 1 - - 1
3 0 - - 0
2 0 - - 0
1 0 - - 0
Total 1 - - 1

5 Biggest Categories
Category Confirmed Potential Information Gathered Total
Windows 1 - - 1
Total 1 - - 1

10.247.12.7 page 1
Vulnerabilities by Status

Vulnerabilities by Severity

Information Gathered by Severity

10.247.12.7 page 2
Top 5 Vulnerable Categories

Operating Systems Detected

Detailed Results

10.247.12.7 (rt02ircp-web, RT02IRCP-WEB) Windows Server 2016 Datacenter 64 bit Edition Version ...
cpe:/o:microsoft:windows_server_2016:1607::x64:
Host Identification Information
IPs
QG Host ID 12f66757-c2ab-4663-a77c-191a2b457278

Vulnerabilities Total 1 Security Risk 4.0

by Severity
Severity Confirmed Potential Information Gathered Total
5 0 - - 0
4 1 - - 1
3 0 - - 0
2 0 - - 0
1 0 - - 0
Total 1 - - 1

5 Biggest Categories
Category Confirmed Potential Information Gathered Total
Windows 1 - - 1
Total 1 - - 1

Vulnerabilities (1)

4 Microsoft Visual C++ Redistributable Installer Elevation of Privilege Vulnerability CVSS: 5 CVSS3.1: 6.8 Active

QID: 92183 CVSS Base: 6.8 [1]

Category: Windows CVSS Temporal: 5.0
Associated CVEs: CVE-2024-43590
Vendor Reference: CVE-2024-43590

10.247.12.7 page 3
 Bugtraq ID: -
Service Modified: 18 Nov 2024 CVSS3.1 Base: 7.8
User Modified: - CVSS3.1 Temporal: 6.8
Edited: No
PCI Vuln: Yes
Ticket State:

First Detected: 14 Nov 2024 07:06:17 PM (GMT+0530)

Last Detected: 02 Dec 2024 02:40:37 PM (GMT+0530)
Times Detected: 49
Last Fixed: N/A

CVSS Environment:
Asset Group: -
Collateral Damage Potential: -
Target Distribution: -
Confidentiality Requirement: -
Integrity Requirement: -
Availability Requirement: -

THREAT:

The Visual C++ Redistributable installs Microsoft C and C++ (MSVC) runtime libraries. Many applications built using Microsoft C and C++ tools require
these libraries.

Affected Version:
The entire range of Visual C++ Redistributable installers from version 14.0 less than to 14.40.33810.0 is affected.

IMPACT:

An attacker who successfully exploited this vulnerability could create or delete files in the security context of the "NT AUTHORITY LOCAL
SERVICE" account.

SOLUTION:

Customers are advised to update to latest version of Microsoft Visual C++ Redistributable. Refer to The Latest Supported Visual C++
Redistributable Downloads (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-43590) for more details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
CVE-2024-43590 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-43590)

RESULTS:

HKLM\SOFTWARE\WOW6432Node\Microsoft\VisualStudio\14.0\VC\Runtimes\X64 Version = v14.28.29914.00

HKLM\SOFTWARE\WOW6432Node\Microsoft\VisualStudio\14.0\VC\Runtimes\X86 Version = v14.28.29914.00

10.247.12.7 page 4
Appendix

Report Filters
Excluded Vulnerability Lists: Exclusion RHEL Mariadb (QID- 240255), OpenSSH Information
Disclosure Vulnerability (Generic) _CVE-2020-14145
Excluded QIDs: 240255, 650035
Status: New, Active, Re-Opened
Display non-running kernels: Off
Exclude non-running kernels: On
Exclude non-running services: Off
Exclude QIDs not exploitable due to configuration: Off
Vulnerabilities: State:Active
Included Operating Systems: All Operating Systems

Report Legend

Vulnerability Levels

A Vulnerability is a design flaw or mis-configuration which makes your network (or a host on your network) susceptible to malicious attacks from local or
remote users. Vulnerabilities can exist in several areas of your network, such as in your firewalls, FTP servers, Web servers, operating systems or CGI bins.
Depending on the level of the security risk, the successful exploitation of a vulnerability can vary from the disclosure of information about the host to a
complete compromise of the host.

Severity Level Description

1 Minimal Intruders can collect information about the host (open ports, services, etc.) and may be
able to use this information to find other vulnerabilities.

2 Medium Intruders may be able to collect sensitive information from the host, such as the
precise version of software installed. With this information, intruders can easily
exploit known vulnerabilities specific to software versions.

3 Serious Intruders may be able to gain access to specific information stored on the host,
including security settings. This could result in potential misuse of the host by
intruders. For example, vulnerabilities at this level may include partial disclosure of
file contents, access to certain files on the host, directory browsing, disclosure of
filtering rules and security mechanisms, denial of service attacks, and unauthorized use
of services, such as mail-relaying.

4 Critical Intruders can possibly gain control of the host, or there may be potential leakage of
highly sensitive information. For example, vulnerabilities at this level may include
full read access to files, potential backdoors, or a listing of all the users on the
host.

5 Urgent Intruders can easily gain control of the host, which can lead to the compromise of your
entire network security. For example, vulnerabilities at this level may include full
read and write access to files, remote execution of commands, and the presence of
backdoors.

Potential Vulnerability Levels

A potential vulnerability is one which we cannot confirm exists. The only way to verify the existence of such vulnerabilities on your network would be to perform
an intrusive scan, which could result in a denial of service. This is strictly against our policy. Instead, we urge you to investigate these potential
vulnerabilities further.

Severity Level Description

1 Minimal If this vulnerability exists on your system, intruders can collect information about the
host (open ports, services, etc.) and may be able to use this information to find other
vulnerabilities.

2 Medium If this vulnerability exists on your system, intruders may be able to collect sensitive
information from the host, such as the precise version of software installed. With this
information, intruders can easily exploit known vulnerabilities specific to software
versions.

3 Serious If this vulnerability exists on your system, intruders may be able to gain access to
specific information stored on the host, including security settings. This could result
in potential misuse of the host by intruders. For example, vulnerabilities at this level
may include partial disclosure of file contents, access to certain files on the host,
directory browsing, disclosure of filtering rules and security mechanisms, denial of
service attacks, and unauthorized use of services, such as mail-relaying.

10.247.12.7 page 5
 Severity Level Description

4 Critical If this vulnerability exists on your system, intruders can possibly gain control of the
host, or there may be potential leakage of highly sensitive information. For example,
vulnerabilities at this level may include full read access to files, potential
backdoors, or a listing of all the users on the host.

5 Urgent If this vulnerability exists on your system, intruders can easily gain control of the
host, which can lead to the compromise of your entire network security. For example,
vulnerabilities at this level may include full read and write access to files, remote
execution of commands, and the presence of backdoors.

Information Gathered

Information Gathered includes visible information about the network related to the host, such as traceroute information, Internet Service Provider (ISP), or a
list of reachable hosts. Information Gathered severity levels also include Network Mapping data, such as detected firewalls, SMTP banners, or a list of open
TCP services.

Severity Level Description

1 Minimal Intruders may be able to retrieve sensitive information related to the host, such as
open UDP and TCP services lists, and detection of firewalls.

2 Medium Intruders may be able to determine the operating system running on the host, and view banner versions.

3 Serious Intruders may be able to detect highly sensitive data, such as global system user lists.

Footnotes

This footnote indicates that the CVSS Base score that is displayed for the vulnerability is not supplied by NIST. When the service looked up the latest NIST
score for the vulnerability, as published in the National Vulnerability Database (NVD), NIST either listed the CVSS Base score as 0 or did not provide a score in
the NVD. In this case, the service determined that the severity of the vulnerability warranted a higher CVSS Base score. The score provided by the service is
displayed.

CONFIDENTIAL AND PROPRIETARY INFORMATION.

Qualys provides the QualysGuard Service "As Is," without any warranty of any kind. Qualys makes no warranty that the information contained in this
report is complete or error-free. Copyright 2024, Qualys, Inc.

10.247.12.7 page 6