July 17, 2024 at 01:42AM
Threat actors are exploiting a critical security flaw in Apache HugeGraph-Server, enabling remote code execution attacks (CVE-2024-27348, CVSS score: 9.8). Users are urged to upgrade to version 1.3.0 with Java11 and enable the Auth system to fix the issue. Exploitation attempts are in the wild, emphasizing the urgency of applying the latest fixes.
Key takeaways from the meeting notes on Newsroom Vulnerability / Data Security:
– There is a critical security flaw impacting Apache HugeGraph-Server, tracked as CVE-2024-27348 with a CVSS score of 9.8, affecting all versions before 1.3.0. The flaw is a remote command execution in the Gremlin graph traversal language API.
– Users are advised to upgrade to version 1.3.0 with Java11 and enable the Auth system, along with the ‘Whitelist-IP/port’ function to enhance RESTful-API security.
– Specific details about the flaw were released by SecureLayer7 in early June, highlighting its ability to bypass sandbox restrictions and enable code execution.
– The Shadowserver Foundation has observed in-the-wild exploitation attempts leveraging the vulnerability, emphasizing the urgency of applying the latest fixes.
– Apache project vulnerabilities have been targeted by nation-state and financially motivated threat actors, with recent heavy exploitation of flaws in Log4j, ActiveMQ, and RocketMQ.
Stay updated with more exclusive content on Twitter and LinkedIn.