RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
History

Mon, 16 Dec 2024 20:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:oracle:jdk:11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:8:*:*:*:*:*:*:*
Vendors & Products Oracle
Oracle jdk
Oracle jre

Fri, 22 Nov 2024 12:00:00 +0000


Thu, 19 Sep 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apache hugegraph
Oracle
Oracle jdk
Oracle jre
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apache:hugegraph:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:8:*:*:*:*:*:*:*
Vendors & Products Apache hugegraph
Oracle
Oracle jdk
Oracle jre

Wed, 18 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache hugegraph-server
CPEs cpe:2.3:a:apache:hugegraph-server:*:*:*:*:*:*:*:*
Vendors & Products Apache
Apache hugegraph-server
References
Metrics kev

{'dateAdded': '2024-09-18'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 19 Aug 2024 08:30:00 +0000


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2024-04-22T14:08:06.294Z

Updated: 2024-09-25T03:55:40.189Z

Reserved: 2024-02-24T10:43:56.141Z

Link: CVE-2024-27348

cve-icon Vulnrichment

Updated: 2024-08-19T07:47:46.503Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-22T14:15:07.420

Modified: 2024-12-16T20:12:08.900

Link: CVE-2024-27348

cve-icon Redhat

No data.