Scan Summary
CIS AWS v1.5.0
Compliance status: 156 issuesPCI DSS v4.0
Compliance status: 222 issuesHIPAA
Compliance status: 214 issuesContainer Images
Among 22 analyzed container images, the following were found to be vulnerable:
| nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) | |
| openssl: SM2 Decryption Buffer Overflow | |
| gnutls: Use after free in client key_share extension | |
| gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c | |
| lz4: memory corruption due to an integer overflow bug caused by memmove argument |
| nettle: Out of bounds memory access in signature verification | |
| nettle: Remote crash in RSA decryption via manipulated ciphertext | |
| openssl: integer overflow in CipherUpdate | |
| libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c | |
| systemd: use-after-free when asynchronous polkit queries are performed |
| glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read | |
| glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop | |
| glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | |
| glibc: Arbitrary read in wordexp() | |
| rpm: Signature checks bypass via corrupted rpm package |
Latest malicious container images:
| Repository | Image tag | Malware |
|---|---|---|
| kitex33237/ubuntu2 | latest | Unix.Trojan.Generic-9919438-0 |
| pranavbhatia/openvas2 | latest | Unix.Tool.Pnscan-8031486-0 |
| strixtest/strix | latest | Multios.Coinminer.Miner-6781728-2 |
| frozenfox/tomcat | wolv | Win.Adware.LoadMoney-3644756-1 |
| tecexokel/prefab-parser | latest | Multios.Coinminer.Miner-6781728-2 |
Top malware detections:
| Malware | Malicious files |
|---|---|
| Js.Coinminer.Agent-7049519-0 | 2 |
| Unix.Trojan.Generic-9919438-0 | 2 |
| Multios.Coinminer.Miner-6781728-2 | 2 |
Top ports found to be exposed by containers:
Top networking services that match the ports exposed by containers:
Security Issues
CloudWatch
Key Management Service
GuardDuty
Simple Email Service
Organizations
Elastic File System
Elastic Beanstalk
Comprehend
Certificate Manager
Systems Manager
Transfer Family
CloudFront
CloudFormation
SageMaker
CloudTrail
Lambda
Athena
SNS
DynamoDB
EKS
Scan Summary
| Account name | Assets scanned | Issues found | Malicious containers | Last scan | Current Status |
|---|---|---|---|---|---|
| another-account-admin | 504 | 525 | 2 | Last scan: Ok | |
| another-account-qa | 201 | 177 | 1 | Last scan: Ok | |
| Total | 705 | 702 | 3 |
Container Images
Among 36 analyzed container images across 2 accounts, the following were found to be vulnerable:
| Account name | Critical | High | Medium | Legend |
|---|---|---|---|---|
| another-account-admin | 9 | 1 | — |
|
| another-account-qa | 8 | 1 | — |
|
| Total | 17 | 2 | — |
Latest malicious container images:
| Account name | Infected Image(s) |
|---|---|
| another-account-admin | kitex33237/ubuntu2:latest → Unix.Trojan.Generic-9919438-0 resultui:latest → Js.Coinminer.Agent-7049519-0 |
| another-account-qa | xmrig-11:xmrig-11 → Multios.Coinminer.Miner-6781728-2 |
Top malware detections:
| Malware | Malicious files |
|---|---|
| Js.Coinminer.Agent-7049519-0 | 2 |
| Unix.Trojan.Generic-9919438-0 | 1 |
| Multios.Coinminer.Miner-6781728-2 | 1 |
Top ports found to be exposed by containers:
Top networking services that match the ports exposed by containers:
Security Issues
Critical
161High
75Medium
276Low
189Informational
0Suppressed
1| Account name | Critical | High | Medium | Low | Informational | Suppressed | Legend |
|---|---|---|---|---|---|---|---|
| another-account-admin | 141 | 64 | 207 | 113 | — | — |
|
| another-account-qa | 20 | 11 | 69 | 76 | — | 1 |
|
| Total | 161 | 75 | 276 | 189 | — | 1 |