PCI Scan Vulnerability Report

PCI Scan Vulnerability Report

PCI Status
The following table highlights the overall compliance status and each individual system's compliance status. Following the table is a detailed report specifying each
system and its specific vulnerabilities.

Overall PCI Status PASS

Live IP Address Scanned Security Risk Rating PCI Status
85.203.36.175

Sysnet Scanning Management System October 25, 2024 Page 2

PCI Scan Vulnerability Report

Report Summary
Company: HETHERSETT FISH BAR LTD
Hosts in account 1
Hosts scanned 1
Hosts active 1
Scan date October 25, 2024
Report date October 25, 2024

Summary of Vulnerabilities
Vulnerabilities total: 7 Security risk: 0

by Severity
Severity Confirmed Potential Information gathered Total
5 0 0 0 0
4 0 0 0 0
3 0 0 0 0
2 0 0 0 0
1 0 0 7 7
Total 0 0 7 7

by PCI Severity
PCI Severity Confirmed Potential Total
High 0 0 0
Medium 0 0 0
Low 0 0 0
Total 0 0 0

Sysnet Scanning Management System October 25, 2024 Page 3

PCI Scan Vulnerability Report

Sysnet Scanning Management System October 25, 2024 Page 4

PCI Scan Vulnerability Report

Sysnet Scanning Management System October 25, 2024 Page 5

PCI Scan Vulnerability Report

Detailed Results

85.203.36.175 (No registered hostname, )

Vulnerabilities total: 7 Security risk: 0

Information Gathered (7)

DNS Host Name

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 6
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2018-01-04 17:39:37.0

THREAT:
The fully qualified domain name of this host, if it was obtained from a DNS server, is displayed in the RESULT section.

IMPACT:
N/A

SOLUTION:
N/A

RESULT:

IP address Host name

85.203.36.175 No registered
hostname

Host Name Not Available

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Sysnet Scanning Management System October 25, 2024 Page 6

PCI Scan Vulnerability Report

Severity: 1
QID: 82056
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2004-10-07 18:04:44.0

THREAT:
Attempts to obtain the fully-qualified domain name (FQDN) or the Netbios name failed for this host.

IMPACT:
N/A

SOLUTION:
N/A

RESULT:
N/A

Host Scan Time - Scanner

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45038
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2022-09-15 18:02:52.0

THREAT:
The Host Scan Time is the period of time it takes the scanning engine to perform the vulnerability assessment of a single target host. The Host Scan Time for this host is
reported in the Result section below.

The Host Scan Time does not have a direct correlation to the Duration time as displayed in the Report Summary section of a scan results report. The Duration is the
period of time it takes the service to perform a scan task. The Duration includes the time it takes the service to scan all hosts, which may involve parallel scanning. It also
includes the time it takes for a scanner appliance to pick up the scan task and transfer the results back to the service's Secure Operating Center. Further, when a scan
task is distributed across multiple scanners, the Duration includes the time it takes to perform parallel host scanning on all scanners.
IMPACT:
N/A

SOLUTION:
N/A

RESULT:
Scan duration: 2504 seconds

Sysnet Scanning Management System October 25, 2024 Page 7

PCI Scan Vulnerability Report

Start time: Fri, Oct 25 2024, 09:02:24 GMT

End time: Fri, Oct 25 2024, 09:44:08 GMT

Internet Service Provider

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45005
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2013-09-27 19:31:33.0

THREAT:
The information shown in the Result section was returned by the network infrastructure responsible for routing traffic from our cloud platform to the target network (where
the scanner appliance is located).

This information was returned from: 1) the WHOIS service, or 2) the infrastructure provided by the closest gateway server to our cloud platform. If your ISP is routing
traffic, your ISP's gateway server returned this information.

IMPACT:
This information can be used by malicious users to gather more information about the network infrastructure that may aid in launching further attacks against it.

SOLUTION:
N/A

RESULT:
The ISP network handle is: 46-RIPE
ISP Network description:
RIPE Network Coordination Centre

ICMP Replies Received

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Sysnet Scanning Management System October 25, 2024 Page 8

PCI Scan Vulnerability Report

Severity: 1
QID: 82040
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2003-01-16 20:14:30.0

THREAT:
ICMP (Internet Control and Error Message Protocol) is a protocol encapsulated in IP packets. ICMP's principal purpose is to provide a protocol layer that informs
gateways of the inter-connectivity and accessibility of other gateways or hosts.

We have sent the following types of packets to trigger the host to send us ICMP replies:

Echo Request (to trigger Echo Reply)

Timestamp Request (to trigger Timestamp Reply)
Address Mask Request (to trigger Address Mask Reply)
UDP Packet (to trigger Port Unreachable Reply)
IP Packet with Protocol >= 250 (to trigger Protocol Unreachable Reply)

Listed in the "Result" section are the ICMP replies that we have received.

IMPACT:
N/A

SOLUTION:
N/A

RESULT:

ICMP Reply Type Triggered By Additional

Information
Echo (type=0 code=0) Echo Request Echo Reply

Traceroute

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45006
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2003-05-09 18:28:51.0

THREAT:
Traceroute describes the path in realtime from the scanner to the remote host being contacted. It reports the IP addresses of all the routers in between.

Sysnet Scanning Management System October 25, 2024 Page 9

PCI Scan Vulnerability Report

IMPACT:
N/A

SOLUTION:
N/A

RESULT:

Hops IP Round Trip Time Probe

Port
1 140.91.222.84 0.60ms ICMP
2 154.14.43.2 0.92ms ICMP
3 154.14.43.1 1.66ms ICMP
4 89.149.128.98 7.62ms ICMP
5 46.33.78.242 7.69ms ICMP
6 85.203.36.175 8.38ms ICMP

Firewall Detected

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 34011
Category: Firewall
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 2019-04-22 02:37:57.0

THREAT:
A packet filtering device protecting this IP was detected. This is likely to be a firewall or a router using access control lists (ACLs).

IMPACT:
N/A

SOLUTION:
N/A

RESULT:
Some of the ports filtered by the firewall are: 20, 21, 22, 23, 25, 53, 80, 111, 135, 443.

Listed below are the ports filtered by the firewall.

No response has been received when any of these ports are probed.
1-381,383-1559,1561-1705,1707-1721,1723-1999,2001-2033,2035,2037-2100,
2102-2146,2148-2512,2514-2701,2703-3388,3390-5491,5493-5504,5506-5549,
5551-5559,5561-5569,5571-5579,5581-5630,5632-6013,6015-6128,6130-7006,
7008-7009,7011-9098,9100-9989,9991-10109,10111-42423,42425-65535

Sysnet Scanning Management System October 25, 2024 Page 10

PCI Scan Vulnerability Report

Sysnet Scanning Management System October 25, 2024 Page 11

PCI Scan Vulnerability Report

Appendices

Hosts Scanned
85.203.36.175

Hosts Not Alive

Option Profile

Scan
Scanned TCP Ports: Full
Scanned UDP Ports: Standard Scan
Scan Dead Hosts: Off
Load Balancer Detection: Off
Password Brute Forcing Standard
Vulnerability Detection Complete
Windows Authentication: Disabled
SSH Authentication: Disabled
Oracle Authentication: Disabled
SNMP Authentication: Disabled
Perform 3-way Handshake: Off

Advanced
Hosts Discovery: TCP Standard Scan, UDP Standard Scan, ICMP On
Ignore RST packets: Off
Ignore firewall-generated SYN-ACK packets: Off
Do not send ACK or SYN-ACK packets during host discovery: Off

Report Legend

Payment Card Industry (PCI) Status

An overall PCI compliance status of PASSED indicates that all hosts in the report passed the PCI compliance standards. A PCI compliance status of PASSED for a single
host/IP indicates that no vulnerabilities or potential vulnerabilities, as defined by the PCI DSS compliance standards set by the PCI Council, were detected on the host.

An overall PCI compliance status of FAILED indicates that at least one host in the report failed to meet the PCI compliance standards. A PCI compliance status of FAILED
for a single host/IP indicates that at least one vulnerability or potential vulnerability, as defined by the PCI DSS compliance standards set by the PCI Council, was
detected on the host.

Vulnerability Levels
A Vulnerability is a design flaw or mis-configuration which makes your network (or a host on your network) susceptible to malicious attacks from local or remote users.
Vulnerabilities can exist in several areas of your network, such as in your firewalls, FTP servers, Web servers, operating systems or CGI bins. Depending on the level of
the security risk, the successful exploitation of a vulnerability can vary from the disclosure of information about the host to a complete compromise of the host.

Sysnet Scanning Management System October 25, 2024 Page 12

PCI Scan Vulnerability Report

Severity Level Description

1 Minimal Intruders can collect information about the host (open ports, services, etc.) and may be able to use this information to find other
vulnerabilities.
2 Medium Intruders may be able to collect sensitive information from the host, such as the precise version of software installed. With this information,
intruders can easily exploit known vulnerabilities specific to software versions.
3 Serious Intruders may be able to gain access to specific information stored on the host, including security settings. This could result in potential
misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files
on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of
services, such as mail-relaying.
4 Critical Intruders can possibly gain control of the host, or there may be potential leakage of highly sensitive information. For example, vulnerabilities
at this level may include full read access to files, potential backdoors, or a listing of all the users on the host.
5 Urgent Intruders can easily gain control of the host, which can lead to the compromise of your entire network security. For example, vulnerabilities
at this level may include full read and write access to files, remote execution of commands, and the presence of backdoors.

Severity Level Description

Low A vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are not required to be fixed to pass PCI compliance.

Medium A vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.

High A vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.

Potential Vulnerability Levels

A potential vulnerability is one which we cannot confirm exists. The only way to verify the existence of such vulnerabilities on your network would be to perform an
intrusive scan, which could result in a denial of service. This is strictly against our policy. Instead, we urge you to investigate these potential vulnerabilities further.

Severity Level Description

1 Minimal If this vulnerability exists on your system, intruders can collect information about the host (open ports, services, etc.) and may be able to use
this information to find other vulnerabilities.
2 Medium If this vulnerability exists on your system, intruders may be able to collect sensitive information from the host, such as the precise version of
software installed. With this information, intruders can easily exploit known vulnerabilities specific to software versions.
3 Serious If this vulnerability exists on your system, intruders may be able to gain access to specific information stored on the host, including security
settings. This could result in potential misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure
of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service
attacks, and unauthorized use of services, such as mail-relaying.
4 Critical If this vulnerability exists on your system, intruders can possibly gain control of the host, or there may be potential leakage of highly
sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the
users on the host.
5 Urgent If this vulnerability exists on your system, intruders can easily gain control of the host, which can lead to the compromise of your entire
network security. For example, vulnerabilites at this level may include full read and write access to files, remote execution of commands,
and the presence of backdoors.

Sysnet Scanning Management System October 25, 2024 Page 13

PCI Scan Vulnerability Report

Severity Level Description

Low A potential vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are not required to be fixed to pass PCI
compliance.
Medium A potential vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.

High A potential vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.

Information Gathered
Information Gathered includes visible information about the network related to the host, such as traceroute information, Internet Service Provider (ISP), or a list of
reachable hosts. Information Gathered severity levels also include Network Mapping data, such as detected firewalls, SMTP banners, or a list of open TCP services.

Severity Level Description

1 Minimal Intruders may be able to retrieve sensitive information related to the host, such as open UDP and TCP services lists, and detection of
firewalls.
2 Medium Intruders may be able to determine the operating system running on the host, and view banner versions.

3 Serious Intruders may be able to detect highly sensitive data, such as global system user lists.

Sysnet Scanning Management System October 25, 2024 Page 14