CVE-2024-27348 - Apache HugeGraph-Server Improper Access Control Vulnerability

CVE ID:CVE-2024-27348

Project:Apache

Product:HugeGraph-Server

Date Added:2024-09-18Due Date:2024-10-09

Vulnerability Name

Apache HugeGraph-Server Improper Access Control Vulnerability

Description

Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9

https://nvd.nist.gov/vuln/detail/CVE-2024-27348

Top Security News

Top CVE List

Common Alerts

MediumInformation Disclosure - JWT in Browser localStorage
InformationalBase64 Disclosure in WebSocket message
HighPath Traversal
InformationalEmail address found in WebSocket message
LowX-Debug-Token Information Leak
LowDangerous JS Functions
HighAccess Control Issue - Improper Authorization
InformationalSession Management Response Identified
HighNoSQL Injection - MongoDB
HighXML External Entity Attack