Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:18 a.m.8 views

CVE-2023-51653

Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...

9.8CVSS7.9AI score0.02131EPSS
Exploits1References1
NVD
NVD
added 2024/02/22 4:15 p.m.67 views

CVE-2023-51653

Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...

9.8CVSS9.9AI score0.02131EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/22 3:39 p.m.17 views

CVE-2023-51653 Hertzbeat JMX JNDI RCE

Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...

9.8CVSS8.2AI score0.02131EPSS
Exploits1References2
CVE
CVE
added 2024/02/22 3:39 p.m.97 views

CVE-2023-51653

CVE-2023-51653 affects Hertzbeat real-time monitoring when using JmxCollectImpl.java; the vulnerability arises from JMXConnectorFactory.connect allowing a JNDI injection via the vulnerable URL in the /api/monitor/detect interface. If a URL like service:jmx:rmi:///jndi/rmi://xxxxxx:1099/localHikar...

9.8CVSS9.9AI score0.02131EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder