CVE-2024-27348 - Apache HugeGraph-Server Improper Access Control Vulnerability
Project:Apache
Product:HugeGraph-Server
Date Added:2024-09-18Due Date:2024-10-09
Vulnerability Name
Apache HugeGraph-Server Improper Access Control Vulnerability
Description
Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9
https://nvd.nist.gov/vuln/detail/CVE-2024-27348
Related News Articles
CISA warns of actively exploited Apache HugeGraph-Server bugSeptember 20, 2024
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE EditionsSeptember 19, 2024
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAPJuly 17, 2024