Lucene search
HistoryApr 22, 2024 - 2:15 p.m.
CVE-2024-27348
apache hugegraph-server
remote command execution
cve-2024-27348
java8
java11
upgrade
auth system
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11
Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
Affected configurations
Node
apacheapache_http_serverRange≤1.3.0
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache HugeGraph-Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-27348
2024-04-22 14:15:07
osv
osv
Apache HugeGraph-Server: Command execution in gremlin
2024-04-22 15:30:41
githubexploit
githubexploit
Exploit for CVE-2024-27348
2024-05-31 20:11:37
Exploit for CVE-2024-27348
2024-06-03 19:08:24
Exploit for CVE-2024-27348
2024-06-12 08:14:39
nuclei
nuclei
Apache HugeGraph-Server - Remote Command Execution
2024-06-02 18:33:37
veracode
veracode
Remote Code Execution
2024-04-23 08:00:00
cvelist
cvelist
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
2024-04-22 14:08:06
github
github
Apache HugeGraph-Server: Command execution in gremlin
2024-04-22 15:30:41