Unrated severityNVD Advisory· Published Nov 18, 2024· Updated Nov 18, 2024
Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities
CVE-2024-45505
Description
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Affected products
2Patches
Vulnerability mechanics
References
2- lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0mitrevendor-advisory
- lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19mitrevendor-advisory
News mentions
0No linked articles in our index yet.