Hertzbeat Security Vulnerabilities and Issues — Hertzbeat CVE List

Lucene search

ApacheHertzbeat

3 matches found

CVE•added 2024/11/18 9:15 a.m.•47 views

CVE-2024-45791

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue.

7.5CVSS7.5AI score0.00303EPSS

CVE•added 2023/12/22 3:15 p.m.•31 views

CVE-2022-39337

Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. Hertzbeat versions 1.20 and prior have a permission bypass vulnerability. System authentication can be bypassed and invoke interfaces without authorization. Vers...

7.5CVSS7.7AI score0.00229EPSS

CVE•added 2023/12/22 9:15 p.m.•31 views

CVE-2023-51650

Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.

7.5CVSS7.7AI score0.00455EPSS