Cn Timedb 2026 05 17
Nicholas Michael Kloster / NuClide Research nicholas@nuclide-research.com
2026-05-17
Re: Unauthenticated Elasticsearch with AI/RAG workload, TimeDB (timedb.cn)
IP / Host: 62.234.4.20 (cluster es-docker-cluster (es01))
Severity: HIGH
I’m an independent security researcher conducting good-faith AI infrastructure research under the NuClide Research umbrella (CISA disclosures CVE-2025-4364, ICSA-25-140-11). This is an unsolicited coordinated disclosure. No engagement exists with your organization. I have not read, modified, or exfiltrated documents. Only index metadata (schema, counts, sizes) needed to identify the exposure.
Summary
The Elasticsearch endpoint at http://62.234.4.20:9200 is reachable from the public internet with no authentication. The cluster carries one or more AI / RAG workloads (dense_vector or knn_vector fields). TLS SAN includes timedb.cn (registrant email shiguangzhe@timedb.cn from WHOIS).
State (verified 2026-05-17): ALIVE / NOT YET EXTORTED
Infrastructure
| Field | Value |
|---|---|
| IP | 62.234.4.20 |
| ES version | Elasticsearch 8.12.0 |
| Cluster name | es-docker-cluster (es01) |
| Country | China |
| Hosting | Tencent Cloud |
Alive on the cluster
| Index | Docs | Size | Notes |
|---|---|---|---|
dcobj | 1,555,234 | 3.1 GB | primary data index — 1.5 million documents |
dcobjvec | 0 | 498 B | 1024d dense_vector for dcobj — schema in place but no embeddings indexed yet |
Why it matters
The ‘dcobjvec’ index defines a dense_vector field for embeddings against the 1.5-million-document ‘dcobj’ table. The vector index is currently empty; the primary ‘dcobj’ index is full. Both indices are readable by anyone on the internet via the default /_search endpoint.
One-line fix
Bind the Elasticsearch HTTP listener to the loopback interface and require authentication for any non-local client. For a Docker deployment:
docker run -p 127.0.0.1:9200:9200 -e xpack.security.enabled=true elasticsearch:8.12.0If the cluster is on a host network: set network.host: 127.0.0.1 in elasticsearch.yml, restart, then put it behind a reverse proxy or VPN with authentication.
For OpenSearch clusters: enable the security plugin with plugins.security.disabled: false.
Reference
Companion case study with the full 22-host survey: AI-LLM-Infrastructure-OSINT/blob/main/case-studies/commercial/22-ai-stack-attribution-2026-05-17.md
Companion methodology notes:
- Snapshot vs delta measurement (Insight #29)
- WHOIS over slug heuristics for disclosure routing (Insight #04)
Happy to provide additional forensic detail if useful. No response is required.
Regards, Nicholas Michael Kloster / NuClide Research nicholas@nuclide-research.com