CVE-2024-27348 — Apache HugeGraph-Server Improper Access Control Vulnerability
2024-09-18 • CISA Known Exploited Vulnerability
[event] Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Apache |
| Product | HugeGraph-Server |
| CWE | CWE-284 |
| CVE ID | CVE-2024-27348 |
| Date Added | 2024-09-18 |
| Due Date | 2024-10-09 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2024-10-09