CVE-2024-27348
Apache HugeGraph-Server Improper Access Control Vu - [Actively Exploited]
Description
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
INFO
Published Date :
April 22, 2024, 2:15 p.m.
Last Modified :
Dec. 16, 2024, 8:12 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 ; https://nvd.nist.gov/vuln/detail/CVE-2024-27348
Public PoC/Exploit Available at Github
CVE-2024-27348 has a 13 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-27348
.
URL | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2024/04/22/3 | Mailing List Third Party Advisory |
https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication | Product |
https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 | Mailing List Vendor Advisory |
http://www.openwall.com/lists/oss-security/2024/04/22/3 | Mailing List Third Party Advisory |
https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication | Product |
https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 | Mailing List Vendor Advisory |
https://www.vicarius.io/vsociety/posts/remote-code-execution-vulnerability-in-apache-hugegraph-server-cve-2024-27348 | Exploit Third Party Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
None
None
HTML
None
HTML
None
None
Python
Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit
apache application-security bugbounty bugbounty-tool bugbountytips exploit hack hacking-tool malware penetration-testing-tools platform-security rce security unauthenticated web-application-security zero-day zero-day-exploit cve-2024-27348 hugehraph one-day-exploit
Python
Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 )
apache cve cve-scanning exploit vulnerability vulnerability-scanners
Python
None
Python
None
HTML Python
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1300多个poc/exp,长期更新。
poc
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
security cve exploit poc vulnerability
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-27348
vulnerability anywhere in the article.
- Dark Reading
Russian Script Kiddie Assembles Massive DDoS Botnet
Source: Kundra via ShutterstockA Russian script kiddie using little more than publicly available malware tools and exploits targeting weak credentials and configurations has assembled a distributed de ... Read more
- Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks
Aqua Nautilus researchers have discovered a campaign powering a series of large-scale DDoS attacks launched by Matrix, which could be a Russian threat actor. Learn about the vulnerabilities exploited, ... Read more
- The Register
Apple's latest macOS release is breaking security software, network connections
Infosec In Brief Something's wrong with macOS Sequoia, and it's breaking security software installed on some updated Apple systems. Sequoia, aka macOS 15, was released on Monday of last week. By Thurs ... Read more
- BleepingComputer
CISA warns of actively exploited Apache HugeGraph-Server bug
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache Hu ... Read more
- The Cyber Express
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the continued threat that these securit ... Read more
- security.nl
CISA: kritiek lek in Apache HugeGraph-servers actief aangevallen
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Apache HugeGraph Server waarvoor in april een beveiligingsupdate verscheen. Dat laat het Cybersecurity and Infrastructure Security Ag ... Read more
- The Hacker News
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
Enterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vuln ... Read more
- Cybersecurity News
CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to federal agencies and organizations worldwide: five newly identified security vulnerabilities are being actively ... Read more
- Cybersecurity News
CVE-2024-42479 (CVSS 10) in Popular Python Package llama_cpp_python Exposes Millions to RCE
Please enable JavaScriptA severe security vulnerability has been discovered in the widely-used AI library llama_cpp_python, potentially allowing threat actors to execute malicious code on affected sys ... Read more
- Cybersecurity News
CVE-2024-36877 in MSI Motherboards Opens Door to Code Execution Attacks, PoC Published
MSI, a leading manufacturer of computer hardware, has recently disclosed a critical vulnerability, tracked as CVE-2024-36877, that affects a wide range of its motherboards. The vulnerability, residing ... Read more
- Cybersecurity News
Dark Skippy: New Threat Steals Secret Keys from Signing Devices
A serious security threat called Dark Skippy has emerged in the cryptocurrency world. This method allows malicious actors to extract private keys from transaction signing devices, such as hardware wal ... Read more
- Cybersecurity News
CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks
At Black Hat 2024, security researcher Alon Leviev from SafeBreach security researcher unveiled two zero-day vulnerabilities (CVE-2024-21302, CVE-2024-38202) that could be exploited to reverse patches ... Read more
- The Hacker News
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP
Vulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Trac ... Read more
The following table lists the changes that have been made to the
CVE-2024-27348
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Modified Analysis by [email protected]
Dec. 16, 2024
Action Type Old Value New Value Changed CPE Configuration AND OR cpe:2.3:a:oracle:jdk:8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:11:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:11:*:*:*:*:*:*:* OR *cpe:2.3:a:apache:hugegraph:*:*:*:*:*:*:*:* versions from (including) 1.0.0 up to (excluding) 1.3.0 OR *cpe:2.3:a:apache:hugegraph:*:*:*:*:*:*:*:* versions from (including) 1.0.0 up to (excluding) 1.3.0 Changed Reference Type https://www.vicarius.io/vsociety/posts/remote-code-execution-vulnerability-in-apache-hugegraph-server-cve-2024-27348 No Types Assigned https://www.vicarius.io/vsociety/posts/remote-code-execution-vulnerability-in-apache-hugegraph-server-cve-2024-27348 Exploit, Third Party Advisory -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2024/04/22/3 Added Reference https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication Added Reference https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 Added Reference https://www.vicarius.io/vsociety/posts/remote-code-execution-vulnerability-in-apache-hugegraph-server-cve-2024-27348 -
Initial Analysis by [email protected]
Sep. 19, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type http://www.openwall.com/lists/oss-security/2024/04/22/3 No Types Assigned http://www.openwall.com/lists/oss-security/2024/04/22/3 Mailing List, Third Party Advisory Changed Reference Type https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication No Types Assigned https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication Product Changed Reference Type https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 No Types Assigned https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 Mailing List, Vendor Advisory Added CWE NIST NVD-CWE-noinfo Added CPE Configuration AND OR *cpe:2.3:a:apache:hugegraph:*:*:*:*:*:*:*:* versions from (including) 1.0.0 up to (excluding) 1.3.0 OR cpe:2.3:a:oracle:jdk:8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:11:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:11:*:*:*:*:*:*:* -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Sep. 19, 2024
Action Type Old Value New Value Added Date Added 2024-09-18 Added Vulnerability Name Apache HugeGraph-Server Improper Access Control Vulnerability Added Due Date 2024-10-09 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Aug. 01, 2024
Action Type Old Value New Value Added CWE CISA-ADP CWE-284 Added CVSS V3.1 CISA-ADP AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Modified by [email protected]
May. 01, 2024
Action Type Old Value New Value Added Reference Apache Software Foundation http://www.openwall.com/lists/oss-security/2024/04/22/3 [No types assigned] -
CVE Received by [email protected]
Apr. 22, 2024
Action Type Old Value New Value Added Description RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. Added Reference Apache Software Foundation https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication [No types assigned] Added Reference Apache Software Foundation https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 [No types assigned]
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-27348
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-27348
weaknesses.