Lucene search
GoogleOSV:GHSA-29RC-VQ7F-X335HistoryApr 22, 2024 - 3:30 p.m.
Apache HugeGraph-Server: Command execution in gremlin
2024-04-2215:30:41
Google
osv.dev
15
apache hugegraph-server
rce vulnerability
command execution
java8
java11
upgrade
auth system
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11
Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
References
www.openwall.com/lists/oss-security/2024/04/22/3
github.com/apache/incubator-hugegraph
github.com/apache/incubator-hugegraph/commit/713d88d1fd9953c3c3e3f130389501910ba40e1d
hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication
lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9
nvd.nist.gov/vuln/detail/CVE-2024-27348
Related
cve
cve
CVE-2024-27348
2024-04-22 14:15:07
nvd
nvd
CVE-2024-27348
2024-04-22 14:15:07
githubexploit
githubexploit
Exploit for CVE-2024-27348
2024-05-31 20:11:37
Exploit for CVE-2024-27348
2024-06-03 19:08:24
Exploit for CVE-2024-27348
2024-06-12 08:14:39
nuclei
nuclei
Apache HugeGraph-Server - Remote Command Execution
2024-06-02 18:33:37
veracode
veracode
Remote Code Execution
2024-04-23 08:00:00
cvelist
cvelist
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
2024-04-22 14:08:06
github
github
Apache HugeGraph-Server: Command execution in gremlin
2024-04-22 15:30:41