GeneralInformation

Hostnames	ec2-34-205-123-190.compute-1.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

JavaScript libraries

jQuery

Select2

UI frameworks

Bootstrap3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(4)

CVE-2024-55633

6.5Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access can craft a specially designed SQL DML statement that is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgres analytics database connections set with a readonly user (advised) are not vulnerable. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53949

6.5Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). Allows for lower privilege users to use this API. issue affects Apache Superset: from 2.0.0 before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-53948

5.3Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

CVE-2024-39887

4.3An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new configuration key named DISALLOWED_SQL_FUNCTIONS has been introduced. This key disallows the use of the following PostgreSQL functions: version, query_to_xml, inet_server_addr, and inet_client_addr. Additional functions can be added to this list for increased protection. This issue affects Apache Superset: before 4.0.2. Users are recommended to upgrade to version 4.0.2, which fixes the issue.

OpenPorts

443

443 / tcp

-75960277 | 2025-03-19T00:52:43.360775

Hashes

hash

1080523847

http.dom_hash

-1849255416

http.favicon.hash

1582430156

http.html_hash

-75960277

http.server_hash

-984292577

http.title_hash

2046452228

Superset

Apache Superset:
  Node Version Range: ^16.20.2
  NPM Version Range: ^8.19.4
  Version: 4.0.1
  Name: superset

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:8f:1e:03:a2:c2:31:36:d8:c2:8f:86:44:2d:79:cc
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Feb  3 00:00:00 2025 GMT
            Not After : Mar  4 23:59:59 2026 GMT
        Subject: CN=*.surveysparrow.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:90:4c:89:b3:0b:58:4d:f3:53:26:41:49:4c:
                    d3:1d:8a:a0:6c:96:3a:01:51:6e:f0:22:ef:4a:17:
                    d0:32:aa:1c:c9:93:7f:1c:34:d0:f0:6e:cc:b5:b9:
                    c0:a7:db:7e:6c:6d:80:c2:cd:70:61:59:1f:b6:8e:
                    a6:ca:7f:8e:3b:17:54:33:ec:8e:0a:e2:14:25:c2:
                    a5:8a:d2:d9:c5:ae:60:7c:97:af:ce:08:16:ee:e9:
                    dd:19:13:a1:e9:83:9e:9c:e7:45:52:af:f7:b3:cb:
                    71:85:c5:d6:cc:ec:d8:28:6e:db:54:9d:f5:4c:65:
                    d4:db:ac:96:db:9d:9f:ce:eb:71:c8:63:24:33:86:
                    f7:e5:34:26:4c:da:8d:21:e7:b3:bc:64:00:60:f4:
                    17:bb:c1:4b:ca:5f:42:57:ba:da:06:95:fe:e6:46:
                    02:ab:05:f8:8c:ee:f0:95:59:53:98:08:e6:93:01:
                    b1:fc:b4:ba:ef:16:8b:c5:19:f2:2b:c9:a7:37:10:
                    f2:f1:4b:ce:c6:6f:ab:1f:f3:2b:a6:c1:a6:0a:7c:
                    8a:b8:7e:33:86:e7:04:7e:7b:cb:25:39:4c:01:e7:
                    bf:9f:c0:a3:7f:9c:24:21:7c:bd:68:64:66:49:77:
                    a4:2f:25:45:f1:a0:d0:d4:b5:0a:f6:5b:c6:01:18:
                    d1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                50:CC:E7:95:E9:DB:C2:50:B7:71:DF:8E:F4:8B:2A:1B:8B:31:AF:B6
            X509v3 Subject Alternative Name: 
                DNS:*.surveysparrow.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Feb  3 07:00:13.771 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AA:D0:11:52:10:32:96:2A:B8:0A:3F:
                                6A:B1:45:23:EA:39:93:E4:23:E9:37:59:DC:62:23:30:
                                14:90:E7:7A:05:02:21:00:F3:1D:F1:83:CC:DF:7A:6C:
                                C0:B0:05:5E:4C:45:F1:A8:8E:A4:D1:DC:59:00:02:9A:
                                46:EC:B8:BC:F6:FA:0A:03
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Feb  3 07:00:13.801 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A8:4B:5A:DE:D4:63:CF:55:75:A8:03:
                                AB:0C:DF:4D:35:F8:99:AE:33:B2:52:AA:B1:42:A9:1C:
                                FD:DE:F4:AB:C7:02:21:00:AA:29:60:E9:04:65:4A:CD:
                                1D:BB:0B:88:02:D6:6E:E0:D7:9E:B5:4E:21:FA:D2:16:
                                E9:6C:7C:68:1E:A2:2E:2F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:
                                5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3
                    Timestamp : Feb  3 07:00:13.839 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:14:10:61:99:24:F2:71:F3:B7:82:69:BE:
                                26:BF:A2:D7:02:84:3B:61:74:BB:22:1F:52:5F:91:23:
                                5E:72:62:55:02:21:00:EF:0A:DA:40:E7:93:7B:23:E3:
                                1F:34:93:17:D9:BC:B7:BF:EA:DA:16:B5:EA:EE:74:90:
                                62:14:0B:1A:45:7E:F7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7c:49:d6:7d:59:03:97:07:e7:4b:32:3c:10:d3:07:c9:45:c5:
        25:14:dd:e4:01:be:dc:08:bc:10:e6:b9:b8:f5:63:83:3a:69:
        17:27:bb:c5:29:a2:17:6d:82:a3:3a:49:89:65:0d:21:0d:fc:
        54:44:43:5d:25:7e:78:61:cc:98:be:03:e1:04:09:6c:e7:a9:
        46:37:f8:ed:6f:bd:49:c6:9b:e7:f4:7d:09:70:66:08:7e:ab:
        5b:13:c3:3a:db:ec:56:69:b1:b0:f9:cb:26:42:e8:c5:db:08:
        27:0b:25:98:93:23:be:b6:7d:3c:6c:ba:4c:b1:5d:be:64:92:
        44:45:41:92:f2:96:c7:9b:36:e4:dd:1b:25:c9:64:ef:da:d0:
        2a:7d:cd:ce:31:a5:d5:86:94:81:6b:6f:1a:e1:e7:7e:51:0d:
        9b:f2:7a:61:48:b9:0b:f4:a9:fd:02:63:e6:ce:aa:1a:12:ab:
        bb:f2:37:ab:12:95:39:ca:ca:a2:3c:20:c2:85:1e:ab:80:f1:
        87:df:bd:70:bc:f5:23:73:5f:fb:46:b8:4e:9e:83:f2:59:ff:
        dd:23:a9:7d:56:a6:bd:16:d7:49:9f:51:39:0f:04:ec:cf:7a:
        75:51:63:96:e4:22:55:66:22:c4:e8:d4:45:72:47:26:97:59:
        db:cc:b5:8f

Vulnerabilities

34.205.123.190

Last Seen: 2025-03-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

443 / tcp

-75960277 | 2025-03-19T00:52:43.360775

Hashes

Apache Superset4.0.1

Products

Pricing

Contact Us

34.205.123.190

Last Seen: 2025-03-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

443 / tcp -75960277 | 2025-03-19T00:52:43.360775

Hashes

Apache Superset4.0.1

Products

Pricing

Contact Us

Vulnerabilities

443 / tcp

-75960277 | 2025-03-19T00:52:43.360775