GeneralInformation

Hostnames	ec2-34-202-193-15.compute-1.amazonaws.com connect-superset.dimagi.com
Domains	amazonaws.com dimagi.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

JavaScript libraries

jQuery

Select2

UI frameworks

Bootstrap3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-55633

6.5Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access can craft a specially designed SQL DML statement that is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgres analytics database connections set with a readonly user (advised) are not vulnerable. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53949

6.5Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). Allows for lower privilege users to use this API. issue affects Apache Superset: from 2.0.0 before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53948

5.3Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

OpenPorts

80 443

80 / tcp

1949896279 | 2025-03-22T00:38:11.939668

Hashes

hash

-2107232477

http.dom_hash

-2060582466

http.html_hash

1949896279

http.server_hash

-982608622

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Sat, 22 Mar 2025 00:38:11 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://34.202.193.15:443/

443 / tcp

-552677533 | 2025-03-28T19:11:21.908936

Hashes

hash

-82381463

http.dom_hash

-1849255416

http.favicon.hash

1582430156

http.html_hash

-552677533

http.server_hash

1186221244

http.title_hash

2046452228

Superset

Apache Superset:
  Node Version Range: ^16.20.2
  NPM Version Range: ^8.19.4
  Version: 4.0.2
  Name: superset

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:42:a8:f1:f7:91:8d:a8:03:02:ab:22:e5:d6:2e:43
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Jul 19 00:00:00 2024 GMT
            Not After : Aug 17 23:59:59 2025 GMT
        Subject: CN=connect-superset.dimagi.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c9:db:57:a1:ff:77:ea:ef:fc:75:5b:20:9a:09:
                    1d:93:2d:59:8c:63:06:b7:85:f1:62:03:02:24:cd:
                    d5:27:92:24:dd:be:68:92:a1:cd:b6:3f:d1:ad:38:
                    8d:f2:9f:97:7a:51:d2:bd:97:1f:f8:11:db:e0:1a:
                    9d:c0:04:a4:ea:30:2b:6a:dc:e9:b8:c6:3e:53:92:
                    c8:04:32:f2:41:b9:95:27:c6:66:3b:db:04:7c:ca:
                    9f:40:38:93:ea:4f:28:1c:ee:28:fc:a6:6a:0f:5f:
                    9c:ff:87:95:0f:c0:59:48:ec:67:f0:8d:b8:19:db:
                    96:ba:c4:8a:03:9e:e4:fe:d3:18:a2:17:c4:ed:dc:
                    38:98:02:ba:10:85:23:27:f8:7b:e0:12:db:75:07:
                    73:b4:3d:71:5e:88:c6:f0:24:24:4e:d2:db:50:0d:
                    3f:fa:aa:43:76:11:2e:15:c7:ae:f6:63:6e:69:43:
                    22:83:24:bf:02:cd:5f:76:e2:5f:a9:2e:f3:b3:04:
                    92:ce:ad:55:88:16:4d:f5:d2:23:3e:90:16:88:0e:
                    f2:f8:77:97:65:a1:d4:ba:96:67:73:f0:49:e2:e8:
                    78:54:9b:03:60:73:6c:32:f6:16:87:81:0a:09:e3:
                    f2:12:fb:67:0e:d2:ae:0d:07:22:ad:40:d6:1c:83:
                    50:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                DA:86:5C:22:DF:07:AD:32:31:90:C8:0E:A2:50:6C:D0:87:E3:3A:DB
            X509v3 Subject Alternative Name: 
                DNS:connect-superset.dimagi.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jul 19 19:19:14.937 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:05:21:D3:C2:FD:FF:00:15:60:E5:
                                0E:34:D0:73:B0:8E:EE:5A:66:C8:7A:9B:C3:53:41:4F:
                                45:81:E2:E1:DC:02:21:00:93:72:09:70:78:4F:F9:83:
                                DB:9F:1D:D4:86:B9:16:21:50:7F:F2:1A:39:E8:01:F4:
                                88:D9:C6:01:BB:F5:EA:7B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Jul 19 19:19:15.017 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E3:C4:7E:15:A6:FF:AB:D6:43:24:B0:
                                E2:AF:60:95:7A:35:D7:D5:08:AF:C8:5A:72:2E:41:F0:
                                60:C5:67:02:2A:02:21:00:B5:F4:1A:DE:15:22:08:FE:
                                D7:4B:70:B8:8F:94:6D:7A:07:F7:32:D4:91:45:B4:6E:
                                5C:34:64:9D:7D:53:39:21
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Jul 19 19:19:15.030 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:56:B9:D9:08:87:70:73:5B:5A:BB:73:D9:
                                7A:39:CA:F9:BB:8B:0B:D4:33:31:4D:A7:29:A9:CA:E1:
                                C1:52:E9:47:02:21:00:E9:97:8A:D0:51:79:D5:F3:C0:
                                DC:AF:34:75:11:3A:91:C3:5B:DC:F0:23:66:99:A1:10:
                                94:BD:F6:C3:AC:B1:98
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:14:3a:c5:ae:3c:9e:43:b4:26:fb:83:6d:e1:b4:23:66:8f:
        94:e0:26:f2:66:ee:f8:04:60:84:41:1f:83:09:96:2d:bb:54:
        3a:c7:65:9b:67:fe:1a:f1:7f:a3:20:e5:71:c1:08:bb:f4:e1:
        35:01:de:32:bb:9c:dd:42:b8:74:43:ac:70:1b:60:85:ef:15:
        f8:3d:ce:00:21:04:61:9b:84:49:c1:c0:cf:f3:b9:7f:2b:82:
        21:96:23:51:f0:14:8b:20:93:42:97:e8:aa:3d:d5:ab:53:c4:
        27:ca:4a:51:c9:b4:f0:08:47:58:d8:8f:28:fd:f7:31:a4:f4:
        58:cb:6c:12:1c:f3:db:96:32:24:03:0d:6b:fc:54:e6:71:d2:
        5a:c7:3b:23:d1:a4:48:ef:99:06:2f:12:b4:11:27:ee:7d:d8:
        62:d1:65:54:21:63:02:ab:3a:c3:aa:5f:e1:22:fb:19:2b:5c:
        58:66:82:14:23:fa:f7:67:14:c6:75:06:34:81:02:de:ad:82:
        1a:7e:af:8f:42:db:06:6f:36:09:3e:92:30:f4:5f:ca:ea:62:
        6d:23:6e:9d:c7:39:df:47:f8:0d:f7:e2:86:de:ea:db:b1:dd:
        ed:aa:ae:08:ca:5e:7b:b8:ad:b4:6a:95:86:70:28:36:df:9f:
        e0:86:57:fa

Vulnerabilities

34.202.193.15

Last Seen: 2025-03-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1949896279 | 2025-03-22T00:38:11.939668

Hashes

AWS ELB2.0

443 / tcp

-552677533 | 2025-03-28T19:11:21.908936

Hashes

Apache Superset4.0.2

Products

Pricing

Contact Us

34.202.193.15

Last Seen: 2025-03-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 1949896279 | 2025-03-22T00:38:11.939668

Hashes

AWS ELB2.0

443 / tcp -552677533 | 2025-03-28T19:11:21.908936

Hashes

Apache Superset4.0.2

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1949896279 | 2025-03-22T00:38:11.939668

443 / tcp

-552677533 | 2025-03-28T19:11:21.908936