CVE-2024-27348 - Apache HugeGraph-Server Improper Access Control Vulnerability

Vulnerability Name

Apache HugeGraph-Server Improper Access Control Vulnerability

Description

Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9

https://nvd.nist.gov/vuln/detail/CVE-2024-27348

Related News Articles

CISA warns of actively exploited Apache HugeGraph-Server bugSeptember 20, 2024

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE EditionsSeptember 19, 2024

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAPJuly 17, 2024