Today > | 8 Medium | 3 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-43441

Dec. 24, 2024, 6:15 p.m.

Tags

security@apache.org
CWE-302
2024-12-24
CVE-2024-43441

Product(s) Impacted

Apache HugeGraph-Server

  • 1.0.0 - 1.5.0

Description

Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue.

Weaknesses

CWE-302
Authentication Bypass by Assumed-Immutable Data

The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.

CWE ID: 302

Date

Published: Dec. 24, 2024, 12:15 p.m.

Last Modified: Dec. 24, 2024, 6:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@apache.org

References

https://lists.apache.org/ security@apache.org
http://www.openwall.com/ af854a3a-2127-422b-91ae-364da2661108