30 matches found
CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2024-27349
CVE-2024-27349 (Apache HugeGraph-Server) is an Authentication Bypass by Spoofing vulnerability affecting 1.0.0–1.0.x up to but not including 1.3.0. The issue allows bypassing authentication (network access, no user interaction) and has high impact on confidentiality and integrity with a CVSS v3.1...
CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2024-27349 Apache HugeGraph-Server: Bypass whitelist in Auth mode
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
CVE-2024-27348
CVE-2024-27348 (Apache HugeGraph-Server) is an improper access control vulnerability in the Gremlin interface that enables remote code execution. Affected: HugeGraph-Server versions from 1.0.0 up to (but not including) 1.3.0, running on Java 8 or Java 11. Root cause: insufficient access controls ...
PT-2024-4007
Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.3.0 Description: The issue affects Apache HugeGraph-Server, allowing unauthenticated remote code execution and server takeover. This flaw can be exploited by attackers to bypass sandbox...
PT-2024-21839 · Apache · Apache Hugegraph-Server
Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.2.x Description: The issue is related to an Authentication Bypass by Spoofing. Users are recommended to upgrade to a newer version to fix the issue. Recommendations: For Apache HugeGraph-Server...