Lucene search
+L

30 matches found

Vulnrichment
Vulnrichment
added 2024/04/22 2:8 p.m.24 views

CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

9.3AI score0.01024EPSS
Exploits0References2
CVE
CVE
added 2024/04/22 2:8 p.m.84 views

CVE-2024-27349

CVE-2024-27349 (Apache HugeGraph-Server) is an Authentication Bypass by Spoofing vulnerability affecting 1.0.0–1.0.x up to but not including 1.3.0. The issue allows bypassing authentication (network access, no user interaction) and has high impact on confidentiality and integrity with a CVSS v3.1...

9.1CVSS9.3AI score0.01024EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/22 2:8 p.m.27 views

CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

6.8AI score0.01024EPSS
Exploits0References2
OSV
OSV
added 2024/04/22 2:8 p.m.5 views

CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

9.1CVSS7.2AI score0.01024EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/22 2:8 p.m.45 views

CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...

9.6AI score0.9921EPSS
Exploits11References3
Cvelist
Cvelist
added 2024/04/22 2:8 p.m.39 views

CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...

6.9AI score0.9921EPSS
Exploits11References3
OSV
OSV
added 2024/04/22 2:8 p.m.14 views

CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...

9.8CVSS7.4AI score0.9921EPSS
Exploits11References7
CVE
CVE
added 2024/04/22 2:8 p.m.177 views

CVE-2024-27348

CVE-2024-27348 (Apache HugeGraph-Server) is an improper access control vulnerability in the Gremlin interface that enables remote code execution. Affected: HugeGraph-Server versions from 1.0.0 up to (but not including) 1.3.0, running on Java 8 or Java 11. Root cause: insufficient access controls ...

9.8CVSS9.7AI score0.9921EPSS
In wildExploits11References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.5 views

PT-2024-4007

Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.3.0 Description: The issue affects Apache HugeGraph-Server, allowing unauthenticated remote code execution and server takeover. This flaw can be exploited by attackers to bypass sandbox...

10CVSS10AI score0.9921EPSS
Exploits11References79
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.10 views

PT-2024-21839 · Apache · Apache Hugegraph-Server

Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.2.x Description: The issue is related to an Authentication Bypass by Spoofing. Users are recommended to upgrade to a newer version to fix the issue. Recommendations: For Apache HugeGraph-Server...

9.1CVSS7.2AI score0.01024EPSS
Exploits0References11
Rows per page
Query Builder