GeneralInformation

Hostnames	ec2-52-210-233-243.eu-west-1.compute.amazonaws.com tmh.cloud
Domains	amazonaws.com tmh.cloud
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon Data Services Ireland Limited
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-2183	Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
CVE-2023-1410	Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.
CVE-2023-0594	Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
CVE-2023-0507	Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
CVE-2022-39324	Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.
CVE-2022-23552	Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.
CVE-2022-23498	Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.

OpenPorts

443

1809702061 | 2024-05-04T07:39:23.722566

443 / tcp

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 07:39:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ce:7e:4a:83:fb:ef:2a:83:57:63:79:2e:05:1e:31
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Dec 26 00:00:00 2023 GMT
            Not After : Jan 23 23:59:59 2025 GMT
        Subject: CN=*.tmh.cloud
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c1:9b:0e:d7:8d:87:34:fc:6f:02:a6:0f:05:5d:
                    bc:d5:7f:d3:ce:58:f6:21:a8:06:3c:aa:59:81:7d:
                    3f:2a:f1:49:cc:e0:dc:be:87:cc:fb:59:07:2c:38:
                    e8:3d:8a:16:d6:b7:69:a2:ef:dd:51:35:81:6d:78:
                    9d:ec:a2:76:8a:0a:06:25:6a:ba:22:75:8f:a9:58:
                    09:d8:0c:da:71:d1:60:8a:74:08:94:82:79:63:21:
                    dc:ab:51:50:e8:59:66:00:62:df:25:3e:c6:17:d4:
                    aa:de:7c:67:78:0d:55:3b:6b:2e:7b:e8:d0:bb:da:
                    f9:49:51:fc:dd:e3:3f:16:db:f2:2f:3c:23:61:09:
                    78:76:fb:d7:72:76:57:6d:2c:16:70:b1:8e:4a:25:
                    3b:2e:1e:7f:df:95:d6:0a:94:28:22:13:95:7e:83:
                    c2:ae:c6:b6:1e:7d:b5:fc:f5:a0:9a:5a:b7:19:bb:
                    c4:94:2f:ad:f6:f4:16:24:50:0d:8a:ac:fd:31:6c:
                    b6:d2:df:29:bd:ea:0d:8b:dc:8a:24:dc:13:17:23:
                    bd:13:7c:12:ae:84:66:82:1e:8a:dd:6e:1d:05:43:
                    22:fe:bf:7d:88:59:41:7d:76:b7:6d:ed:65:1c:25:
                    51:f8:b8:5d:9d:9c:17:b5:80:d4:26:df:dd:55:77:
                    05:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                05:E9:5F:A1:6C:5B:5B:3B:CB:9B:CF:48:CC:C9:D2:70:C1:C5:E0:A1
            X509v3 Subject Alternative Name: 
                DNS:*.tmh.cloud, DNS:tmh.cloud
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec 26 00:31:55.126 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FD:DA:C9:D0:D5:C8:D2:DF:6F:26:37:
                                DE:4B:10:AA:12:D2:EE:71:1E:33:A7:BE:7F:91:1E:6F:
                                65:D3:95:C2:A7:02:20:25:7B:B7:B0:A6:0D:F5:D8:11:
                                80:82:50:BD:64:8F:5F:74:EE:C7:8B:DD:2D:90:B7:A8:
                                16:C8:2B:5F:77:44:69
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Dec 26 00:31:55.171 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:48:D6:21:EE:49:39:68:BB:AE:4C:8F:62:
                                02:BF:1F:2A:45:CF:A0:49:CB:F5:14:B8:A0:98:C0:10:
                                0A:78:75:F4:02:20:49:99:3C:EC:D4:75:4C:9F:8A:AB:
                                48:17:B5:9B:30:1D:24:3F:39:25:5F:3E:2F:A5:17:B8:
                                C1:8E:3E:37:17:9D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Dec 26 00:31:55.207 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:67:0A:E5:85:C3:7B:53:F6:84:55:B5:7B:
                                38:69:A7:86:F6:8E:6C:B2:D7:CE:71:B4:2A:C1:8F:20:
                                7A:E8:46:BD:02:20:31:86:84:3D:81:7F:63:23:0E:5F:
                                13:7B:C0:78:54:EC:6F:BC:D5:7C:E4:EF:09:57:0D:6B:
                                A0:24:F4:67:59:B1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a2:87:37:d9:ce:33:f9:75:34:50:7a:13:f4:3a:a8:4c:ca:09:
        ce:9a:14:43:5e:99:a8:f2:26:b5:67:ed:f7:62:23:e3:cf:5b:
        55:e6:97:a3:f6:3c:56:2b:e6:5a:be:b9:3c:aa:7e:ba:d9:6f:
        2c:38:cf:28:c9:a8:c5:96:30:ce:eb:da:dc:86:9d:6a:79:08:
        c1:b6:bb:5d:3f:62:a1:ab:0b:0f:ea:db:36:4f:c6:62:cf:f9:
        eb:23:35:82:4a:34:94:b4:27:e7:fc:85:d2:f1:18:9d:44:33:
        fa:12:6a:64:46:97:2d:13:af:c0:4c:32:0a:a1:0e:6c:20:9e:
        7e:26:5d:67:ed:43:36:71:85:4a:b1:42:25:f9:b1:92:ce:40:
        75:21:b3:8d:8c:74:ec:3b:c3:f6:d1:5e:42:12:04:81:9d:17:
        d5:9c:43:25:55:78:fc:f5:b3:5d:51:2e:3a:70:57:e9:88:cf:
        44:7a:23:56:30:67:32:6e:c6:f7:ea:c0:97:4c:be:8e:b5:b6:
        53:a1:b2:ec:e3:d7:2e:d1:cb:5c:ea:c7:a0:6a:29:c5:0a:36:
        b6:2f:93:6e:66:e4:d2:8b:05:bc:32:77:d3:3c:61:21:db:49:
        db:fb:99:f9:e6:bc:98:af:af:fa:d3:7a:fb:25:86:f9:d6:4f:
        2c:ba:07:25

52.210.233.243

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1809702061 | 2024-05-04T07:39:23.722566
443 / tcp

Grafana (Open Source)8.5.15

Products

Pricing

Contact Us

52.210.233.243

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1809702061 | 2024-05-04T07:39:23.722566 443 / tcp

Grafana (Open Source)8.5.15

Products

Pricing

Contact Us

1809702061 | 2024-05-04T07:39:23.722566
443 / tcp