Active Exploitation of Critical Vulnerability in Apache HugeGraph-Server

Published on 23 Sep 2024

Apache has released security updates addressing a critical vulnerability (CVE-2024-27348) affecting their HugeGraph-Server. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10 and is reportedly being actively exploited.

Successful exploitation of the improper access control vulnerability could allow an unauthorised attacker to perform remote code execution.

The vulnerability affects HugeGraph-Server versions from 1.0.0 to before 1.3.0.

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here: