Security
Headlines
HeadlinesLatestCVEs

Headline

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. "Users are

The Hacker News
#vulnerability#apache#java#rce#log4j#auth#sap#The Hacker News

Vulnerability / Data Security

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks.

Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API.

“Users are recommended to upgrade to version 1.3.0 with Java11 and enable the Auth system, which fixes the issue,” the Apache Software Foundation noted in late April 2024. “Also you could enable the ‘Whitelist-IP/port’ function to improve the security of RESTful-API execution.”

Additional technical specifics about the flaw were released by penetration testing company SecureLayer7 in early June, stating it enables an attacker to bypass sandbox restrictions and achieve code execution, giving them complete control over a susceptible server.

This week, the Shadowserver Foundation said it spotted in-the-wild exploitation attempts that leverage the flaw, making it imperative that users move quickly to apply the latest fixes.

“We are observing Apache HugeGraph-Server CVE-2024-27348 RCE ‘POST /gremlin’ exploitation attempts from multiple sources,” it said. "[Proof-of-concept] code is public since early June. If you run HugeGraph, make sure to update."

Vulnerabilities discovered in Apache projects have been lucrative attack vectors for the nation-state and financially motivated threat actors in recent years, with flaws in Log4j, ActiveMQ, and RocketMQ coming under heavy exploitation to infiltrate target environments.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related news

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week. The

Apache HugeGraph Gremlin Remote Code Execution

This Metasploit module exploits CVE-2024-27348, a remote code execution vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve remote code execution through Gremlin, resulting in complete control over the server.

GHSA-29rc-vq7f-x335: Apache HugeGraph-Server: Command execution in gremlin

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.