GeneralInformation

Hostnames	superset.lovelystay.com staging.superset.lovelystay.com
Domains	lovelystay.com
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

JavaScript libraries

jQuery

Select2

UI frameworks

Bootstrap3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(11)

CVE-2024-55633

6.5Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access can craft a specially designed SQL DML statement that is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgres analytics database connections set with a readonly user (advised) are not vulnerable. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53949

6.5Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). Allows for lower privilege users to use this API. issue affects Apache Superset: from 2.0.0 before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53948

5.3Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-39887

4.3An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new configuration key named DISALLOWED_SQL_FUNCTIONS has been introduced. This key disallows the use of the following PostgreSQL functions: version, query_to_xml, inet_server_addr, and inet_client_addr. Additional functions can be added to this list for increased protection. This issue affects Apache Superset: before 4.0.2. Users are recommended to upgrade to version 4.0.2, which fixes the issue.

CVE-2024-34693

6.8Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0 Users are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue.

CVE-2024-28148

4.3An authenticated user could potentially access metadata for a datasource they are not authorized to view by submitting a targeted REST API request.This issue affects Apache Superset: before 3.1.2. Users are recommended to upgrade to version 3.1.2 or above, which fixes the issue.

CVE-2024-27315

4.3An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert exposing possibly sensitive data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.

CVE-2024-26016

4.3A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be subject to validation based on data access privileges. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1, which fixes the issue.

CVE-2024-24779

5.0Apache Superset with custom roles that include `can write on dataset` and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.

CVE-2024-24773

4.9Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1, which fixes the issue.

CVE-2024-24772

4.3A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.

2023(1)

CVE-2023-49657

9.6A stored cross-site scripting (XSS) vulnerability exists in Apache Superset before 3.0.3. An authenticated attacker with create/update permissions on charts or dashboards could store a script or add a specific HTML snippet that would act as a stored XSS. For 2.X versions, users should change their config to include: TALISMAN_CONFIG = { "content_security_policy": { "base-uri": ["'self'"], "default-src": ["'self'"], "img-src": ["'self'", "blob:", "data:"], "worker-src": ["'self'", "blob:"], "connect-src": [ "'self'", " https://api.mapbox.com" https://api.mapbox.com" ;, " https://events.mapbox.com" https://events.mapbox.com" ;, ], "object-src": "'none'", "style-src": [ "'self'", "'unsafe-inline'", ], "script-src": ["'self'", "'strict-dynamic'"], }, "content_security_policy_nonce_in": ["script-src"], "force_https": False, "session_cookie_secure": False, }

OpenPorts

80 443

80 / tcp

-559401045 | 2025-04-07T22:34:00.816298

Hashes

hash

1052901644

http.dom_hash

1239617585

http.html_hash

-559401045

http.server_hash

-1097237905

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 07 Apr 2025 22:34:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://138.68.107.55/

443 / tcp

1742031680 | 2025-04-16T10:10:52.973557

Hashes

hash

-1887644433

http.dom_hash

-1705177783

http.favicon.hash

1582430156

http.html_hash

1742031680

http.server_hash

-1097237905

http.title_hash

2046452228

Superset

Apache Superset:
  Node Version Range: ^16.9.1
  NPM Version Range: ^7.5.4 || ^8.1.2
  Version: 3.0.2
  Name: superset

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c4:9d:11:59:56:07:5b:e0:8c:52:05:91:b9:b0:cb:aa:eb
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E6
        Validity
            Not Before: Feb 28 23:05:10 2025 GMT
            Not After : May 29 23:05:09 2025 GMT
        Subject: CN=staging.superset.lovelystay.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:7e:4e:de:43:e9:75:00:59:78:d7:76:76:a8:7c:
                    e3:4e:f8:bc:ee:10:34:ff:be:42:20:58:00:00:f8:
                    2a:4a:6b:e4:66:2b:2a:99:9d:b7:bd:5f:45:f8:29:
                    ab:2a:e0:55:9d:5b:f0:46:c5:39:4d:76:ba:77:01:
                    5f:7d:02:2b:c4
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E5:EF:12:D5:86:D6:73:00:D2:63:C1:92:36:0E:9C:8B:11:7C:CD:61
            X509v3 Authority Key Identifier: 
                93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
            Authority Information Access: 
                OCSP - URI:http://e6.o.lencr.org
                CA Issuers - URI:http://e6.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:staging.superset.lovelystay.com, DNS:superset.lovelystay.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar  1 00:03:40.110 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8C:90:2E:15:46:68:B6:62:B0:0D:83:
                                69:0E:7D:B7:C3:3D:7A:6B:D0:43:09:69:4F:D4:DA:71:
                                C1:AF:40:85:C9:02:20:4D:5F:92:F0:07:A7:96:70:7D:
                                A6:5E:21:21:0E:4E:BB:D4:B0:8D:64:DE:D2:EC:5A:CD:
                                E9:54:D3:13:BA:04:FF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Mar  1 00:03:40.101 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0A:4A:68:E6:76:3A:83:11:6C:09:EA:EC:
                                F6:33:42:34:95:6F:E2:B2:45:FE:8A:DD:7B:63:43:C1:
                                86:D2:62:49:02:21:00:A6:B1:E7:0A:75:B6:BE:89:5F:
                                49:21:F5:A0:27:9D:7D:CE:06:37:61:B9:57:80:68:B4:
                                35:54:38:14:FB:CA:03
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:96:16:bf:1e:5f:9d:fa:58:0d:ff:63:c1:3e:
        7b:79:0e:06:ea:e5:d4:80:9b:19:0a:84:e1:4f:40:f0:2e:33:
        e5:5a:0b:fa:c4:37:01:32:95:bb:75:af:b6:f0:e8:28:9a:02:
        30:0e:ae:6e:a2:2d:e5:68:5e:29:e3:02:47:10:c5:e5:9e:30:
        cc:ca:c1:49:b5:76:44:54:20:53:fd:e1:98:30:b9:87:8a:a6:
        57:10:1b:71:b8:47:d7:97:8a:57:f7:ef:c9

Vulnerabilities

138.68.107.55

Last Seen: 2025-04-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-559401045 | 2025-04-07T22:34:00.816298

Hashes

nginx1.22.0

443 / tcp

1742031680 | 2025-04-16T10:10:52.973557

Hashes

Apache Superset3.0.2

Products

Pricing

Contact Us

138.68.107.55

Last Seen: 2025-04-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp -559401045 | 2025-04-07T22:34:00.816298

Hashes

nginx1.22.0

443 / tcp 1742031680 | 2025-04-16T10:10:52.973557

Hashes

Apache Superset3.0.2

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-559401045 | 2025-04-07T22:34:00.816298

443 / tcp

1742031680 | 2025-04-16T10:10:52.973557