Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
32 vulnerabilities found for hertzbeat by apache
CVE-2026-24343 (GCVE-0-2026-24343)
Vulnerability from cvelistv5 – Published: 2026-02-10 09:28 – Updated: 2026-02-10 15:37
VLAI
Title
Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Summary
Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.
Users are recommended to upgrade to version 1.8.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-643 - Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
1.7.1 , < 1.8.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-02-10T10:22:47.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/02/09/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-24343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:36:26.476967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:37:07.090Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "org.apache.hertzbeat:hertzbeat-collector",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.8.0",
"status": "affected",
"version": "1.7.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027) vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.8.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027) vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "Important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-643",
"description": "CWE-643 Improper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T09:28:52.465Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/b2k3jqwffrbo2sy6bl4n0f68kp8bfo1n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2026-24343",
"datePublished": "2026-02-10T09:28:52.465Z",
"dateReserved": "2026-01-22T08:43:55.767Z",
"dateUpdated": "2026-02-10T15:37:07.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48208 (GCVE-0-2025-48208)
Vulnerability from cvelistv5 – Published: 2025-09-09 09:31 – Updated: 2025-11-04 21:10
VLAI
Title
Apache HertzBeat (incubating): Jmx JNDI injection vulnerability
Summary
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .
The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.
This issue affects Apache HertzBeat: through 1.7.2.
Users are recommended to upgrade to version [1.7.3], which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat (incubating) |
Affected:
0 , ≤ 1.7.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:48:31.167107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T14:22:30.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:58.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/06/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.7.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F10wers13eiCHeng"
},
{
"lang": "en",
"type": "finder",
"value": "aftersnow"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027) vulnerability in Apache HertzBeat .\u003c/p\u003e\n\n\n\n\n\n\n\n\n\n\n\u003cp\u003eThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: through 1.7.2.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version [1.7.3], which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027) vulnerability in Apache HertzBeat .\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\n\nThis issue affects Apache HertzBeat: through 1.7.2.\n\nUsers are recommended to upgrade to version [1.7.3], which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-90",
"description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T09:31:35.585Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat (incubating): Jmx JNDI injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-48208",
"datePublished": "2025-09-09T09:31:35.585Z",
"dateReserved": "2025-05-18T00:58:41.640Z",
"dateUpdated": "2025-11-04T21:10:58.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24404 (GCVE-0-2025-24404)
Vulnerability from cvelistv5 – Published: 2025-09-09 09:30 – Updated: 2025-11-04 21:09
VLAI
Title
Apache HertzBeat (incubating): RCE by parse http sitemap xml response
Summary
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.
The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-91 - XML Injection (aka Blind XPath Injection)
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat (incubating) |
Affected:
0 , < 1.7.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T14:22:00.539407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T14:22:22.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:09:42.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/06/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "unam4"
},
{
"lang": "en",
"type": "finder",
"value": "springkill"
},
{
"lang": "en",
"type": "finder",
"value": "Zoiltin"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eXML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.\u003c/p\u003e\n\n\n\n\n\n\n\n\n\n\n\u003cp\u003eThe attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.7.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.7.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.\n\nThis issue affects Apache HertzBeat (incubating): before 1.7.0.\n\nUsers are recommended to upgrade to version 1.7.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91 XML Injection (aka Blind XPath Injection)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T09:30:59.424Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/4ydy3tqbpwmhl79mcj3pxwqz62nggrfd"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat (incubating): RCE by parse http sitemap xml response",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-24404",
"datePublished": "2025-09-09T09:30:59.424Z",
"dateReserved": "2025-01-21T14:41:26.279Z",
"dateUpdated": "2025-11-04T21:09:42.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-56736 (GCVE-0-2024-56736)
Vulnerability from cvelistv5 – Published: 2025-04-16 15:38 – Updated: 2025-04-16 18:03
VLAI
Title
Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
Summary
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/kdzg36h9yxp0q0n4l… | vendor-advisory |
| https://lists.apache.org/thread/lwfhsllos1rx9v8k0… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2025/04/16/1 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.7.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:58:05.077389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:58:29.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-16T18:03:38.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/16/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "tonghuaroot"
},
{
"lang": "en",
"type": "finder",
"value": "zyufoye"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eServer-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.7.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.7.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat (incubating): before 1.7.0.\n\nUsers are recommended to upgrade to version 1.7.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:38:11.307Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/kdzg36h9yxp0q0n4lhcfppxntjy8rj1x"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lwfhsllos1rx9v8k0yhl252cbpqpn0sv"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-56736",
"datePublished": "2025-04-16T15:38:11.307Z",
"dateReserved": "2024-12-28T04:17:54.835Z",
"dateUpdated": "2025-04-16T18:03:38.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41151 (GCVE-0-2024-41151)
Vulnerability from cvelistv5 – Published: 2024-11-18 08:45 – Updated: 2024-11-18 15:07
VLAI
Title
Apache HertzBeat: RCE by notice template injection vulnerability
Summary
Deserialization of Untrusted Data vulnerability in Apache HertzBeat.
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat: before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/p33tg0vo5nh6kscth… | vendor-advisory |
| https://lists.apache.org/thread/oor9nw6nh2ojnfw8d… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/6 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:31.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:07:19.992743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:07:22.821Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Li Yi Wei"
},
{
"lang": "en",
"type": "finder",
"value": "Elin Kai"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDeserialization of Untrusted Data vulnerability in Apache HertzBeat.\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Apache HertzBeat.\n\nThis vulnerability can only be exploited by authorized attackers.\n\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:45:49.288Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/p33tg0vo5nh6kscth4262ktsqo3h5lqo"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/oor9nw6nh2ojnfw8d8oxrv40cbtk5mwj"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: RCE by notice template injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-41151",
"datePublished": "2024-11-18T08:45:49.288Z",
"dateReserved": "2024-07-16T08:51:21.881Z",
"dateUpdated": "2024-11-18T15:07:22.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45791 (GCVE-0-2024-45791)
Vulnerability from cvelistv5 – Published: 2024-11-18 08:45 – Updated: 2024-11-18 15:04
VLAI
Title
Apache HertzBeat: Exposure sensitive token via http GET method with query string
Summary
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat: before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/jmbsfjsvrfnvosh1f… | vendor-advisory |
| https://lists.apache.org/thread/lvsczrp8kdynppmzy… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/5 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:39.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/5"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:04:51.251166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:04:55.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u00cdcaro Torres"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eExposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:45:23.459Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/jmbsfjsvrfnvosh1ftrm3ry4j3sb7doz"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lvsczrp8kdynppmzyxtkh4ord4gpw1ph"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: Exposure sensitive token via http GET method with query string",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45791",
"datePublished": "2024-11-18T08:45:23.459Z",
"dateReserved": "2024-09-09T13:34:37.283Z",
"dateUpdated": "2024-11-18T15:04:55.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45505 (GCVE-0-2024-45505)
Vulnerability from cvelistv5 – Published: 2024-11-18 08:44 – Updated: 2024-11-18 15:05
VLAI
Title
Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities
Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/h8k14o1bfyod66p11… | vendor-advisory |
| https://lists.apache.org/thread/gvbc68krhqhht7mkk… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/4 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:37.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:05:15.319201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:05:53.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Unam4"
},
{
"lang": "en",
"type": "finder",
"value": "Springkilll"
},
{
"lang": "en",
"type": "finder",
"value": "yemoli"
},
{
"lang": "en",
"type": "finder",
"value": "yulate"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Apache HertzBeat (incubating).\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Apache HertzBeat (incubating).\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:44:46.165Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45505",
"datePublished": "2024-11-18T08:44:46.165Z",
"dateReserved": "2024-08-31T02:52:51.360Z",
"dateUpdated": "2024-11-18T15:05:53.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42323 (GCVE-0-2024-42323)
Vulnerability from cvelistv5 – Published: 2024-09-21 09:30 – Updated: 2024-09-23 15:23
VLAI
Title
Apache HertzBeat: RCE by snakeYaml deser load malicious xml
Summary
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.0.
Users are recommended to upgrade to version 1.6.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/r0c4tost4bllqc1n9… | vendor-advisory |
| https://lists.apache.org/thread/dwpwm572sbwon1mkn… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/09/21/1 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.0
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.0
(semver)
cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-21T13:05:19.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/09/21/1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-42323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T15:21:18.726403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T15:23:37.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yulate"
},
{
"lang": "en",
"type": "reporter",
"value": "Liufeng Yi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).\u0026nbsp;\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.6.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.0, which fixes the issue.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).\u00a0\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.0.\n\nUsers are recommended to upgrade to version 1.6.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-21T09:30:15.295Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/r0c4tost4bllqc1n9q6rmzs1slgsq63t"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/dwpwm572sbwon1mknlwhkpbom2y7skbx"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: RCE by snakeYaml deser load malicious xml",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-42323",
"datePublished": "2024-09-21T09:30:15.295Z",
"dateReserved": "2024-07-30T08:25:01.718Z",
"dateUpdated": "2024-09-23T15:23:37.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42362 (GCVE-0-2024-42362)
Vulnerability from cvelistv5 – Published: 2024-08-20 20:56 – Updated: 2024-08-21 13:36
VLAI
Title
GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://github.com/apache/hertzbeat/pull/1611 | x_refsource_MISC |
| https://github.com/apache/hertzbeat/pull/1620 | x_refsource_MISC |
| https://github.com/apache/hertzbeat/pull/1620/fil… | x_refsource_MISC |
| https://github.com/apache/hertzbeat/commit/79f540… | x_refsource_MISC |
| https://github.com/apache/hertzbeat/commit/9dbbfb… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42362",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:33:20.650257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T13:36:54.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HertzBeat",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "\u003c 1.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:56:23.725Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1611",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1611"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1620",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1620"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1620/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1620/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8"
},
{
"name": "https://github.com/apache/hertzbeat/commit/79f5408e345e8e89da97be05f43e3204a950ddfb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/commit/79f5408e345e8e89da97be05f43e3204a950ddfb"
},
{
"name": "https://github.com/apache/hertzbeat/commit/9dbbfb7812fc4440ba72bdee66799edd519d06bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/commit/9dbbfb7812fc4440ba72bdee66799edd519d06bb"
}
],
"source": {
"advisory": "GHSA-q387-2hc7-vv6q",
"discovery": "UNKNOWN"
},
"title": "GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42362",
"datePublished": "2024-08-20T20:56:23.725Z",
"dateReserved": "2024-07-30T14:01:33.923Z",
"dateUpdated": "2024-08-21T13:36:54.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42361 (GCVE-0-2024-42361)
Vulnerability from cvelistv5 – Published: 2024-08-20 20:56 – Updated: 2024-09-03 14:54
VLAI
Title
GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42361",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:54:29.935082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:54:10.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HertzBeat",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:56:20.155Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/manager/src/main/java/org/dromara/hertzbeat/manager/controller/MonitorsController.java#L202",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/manager/src/main/java/org/dromara/hertzbeat/manager/controller/MonitorsController.java#L202"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L242",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L242"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L295",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L295"
}
],
"source": {
"advisory": "GHSA-mpq5-hmgj-5f8w",
"discovery": "UNKNOWN"
},
"title": "GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42361",
"datePublished": "2024-08-20T20:56:20.155Z",
"dateReserved": "2024-07-30T14:01:33.923Z",
"dateUpdated": "2024-09-03T14:54:10.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51389 (GCVE-0-2023-51389)
Vulnerability from cvelistv5 – Published: 2024-02-22 15:59 – Updated: 2024-08-22 17:54
VLAI
Title
HertzBeat SnakeYAML Deser RCE
Summary
Hertzbeat is a real-time monitoring system. At the interface of `/define/yml`, SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML deserialization vulnerability. Version 1.4.1 fixes this vulnerability.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/97c3f… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51389",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T18:54:45.617098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T17:54:37.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. At the interface of `/define/yml`, SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML deserialization vulnerability. Version 1.4.1 fixes this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:59:29.842Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17"
}
],
"source": {
"advisory": "GHSA-rmvr-9p5x-mm96",
"discovery": "UNKNOWN"
},
"title": "HertzBeat SnakeYAML Deser RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51389",
"datePublished": "2024-02-22T15:59:29.842Z",
"dateReserved": "2023-12-18T19:35:29.004Z",
"dateUpdated": "2024-08-22T17:54:37.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51388 (GCVE-0-2023-51388)
Vulnerability from cvelistv5 – Published: 2024-02-22 15:53 – Updated: 2024-08-14 19:09
VLAI
Title
HertzBeat AviatorScript Inject RCE
Summary
Hertzbeat is a real-time monitoring system. In `CalculateAlarm.java`, `AviatorEvaluator` is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this vulnerability.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/8dcf0… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51388",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:08:29.282771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:09:04.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. In `CalculateAlarm.java`, `AviatorEvaluator` is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:53:46.458Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
}
],
"source": {
"advisory": "GHSA-mcqg-gqxr-hqgj",
"discovery": "UNKNOWN"
},
"title": "HertzBeat AviatorScript Inject RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51388",
"datePublished": "2024-02-22T15:53:46.458Z",
"dateReserved": "2023-12-18T19:35:29.003Z",
"dateUpdated": "2024-08-14T19:09:04.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51653 (GCVE-0-2023-51653)
Vulnerability from cvelistv5 – Published: 2024-02-22 15:39 – Updated: 2025-04-22 16:19
VLAI
Title
Hertzbeat JMX JNDI RCE
Summary
Hertzbeat is a real-time monitoring system. In the implementation of `JmxCollectImpl.java`, `JMXConnectorFactory.connect` is vulnerable to JNDI injection. The corresponding interface is `/api/monitor/detect`. If there is a URL field, the address will be used by default. When the URL is `service:jmx:rmi:///jndi/rmi://xxxxxxx:1099/localHikari`, it can be exploited to cause remote code execution. Version 1.4.1 contains a fix for this issue.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/f794b… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:1.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-23T18:07:08.817204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T16:19:23.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. In the implementation of `JmxCollectImpl.java`, `JMXConnectorFactory.connect` is vulnerable to JNDI injection. The corresponding interface is `/api/monitor/detect`. If there is a URL field, the address will be used by default. When the URL is `service:jmx:rmi:///jndi/rmi://xxxxxxx:1099/localHikari`, it can be exploited to cause remote code execution. Version 1.4.1 contains a fix for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:39:49.280Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef"
}
],
"source": {
"advisory": "GHSA-gcmp-vf6v-59gg",
"discovery": "UNKNOWN"
},
"title": "Hertzbeat JMX JNDI RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51653",
"datePublished": "2024-02-22T15:39:49.280Z",
"dateReserved": "2023-12-20T22:12:04.737Z",
"dateUpdated": "2025-04-22T16:19:23.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51650 (GCVE-0-2023-51650)
Vulnerability from cvelistv5 – Published: 2023-12-22 20:56 – Updated: 2025-04-23 16:17
VLAI
Title
Unauthorized access vulnerability on three interfaces
Summary
Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/releases/tag… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:33.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2"
},
{
"name": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51650",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T16:44:50.661080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:17:23.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T20:56:37.097Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2"
},
{
"name": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1"
}
],
"source": {
"advisory": "GHSA-rrc5-qpxr-5jm2",
"discovery": "UNKNOWN"
},
"title": "Unauthorized access vulnerability on three interfaces"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51650",
"datePublished": "2023-12-22T20:56:37.097Z",
"dateReserved": "2023-12-20T22:12:04.737Z",
"dateUpdated": "2025-04-23T16:17:23.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51387 (GCVE-0-2023-51387)
Vulnerability from cvelistv5 – Published: 2023-12-22 20:46 – Updated: 2024-08-02 22:32
VLAI
Title
Expression Injection Vulnerability in Hertzbeat
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1.
Severity
7.2 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/8dcf0… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/6b59949… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T20:46:29.236Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md"
}
],
"source": {
"advisory": "GHSA-4576-m8px-w9qj",
"discovery": "UNKNOWN"
},
"title": "Expression Injection Vulnerability in Hertzbeat"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51387",
"datePublished": "2023-12-22T20:46:29.236Z",
"dateReserved": "2023-12-18T19:35:29.003Z",
"dateUpdated": "2024-08-02T22:32:09.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-24343 (GCVE-0-2026-24343)
Vulnerability from nvd – Published: 2026-02-10 09:28 – Updated: 2026-02-10 15:37
VLAI
Title
Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Summary
Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.
Users are recommended to upgrade to version 1.8.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-643 - Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
1.7.1 , < 1.8.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-02-10T10:22:47.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/02/09/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-24343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:36:26.476967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:37:07.090Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "org.apache.hertzbeat:hertzbeat-collector",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.8.0",
"status": "affected",
"version": "1.7.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027) vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.8.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027) vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "Important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-643",
"description": "CWE-643 Improper Neutralization of Data within XPath Expressions (\u0027XPath Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T09:28:52.465Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/b2k3jqwffrbo2sy6bl4n0f68kp8bfo1n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2026-24343",
"datePublished": "2026-02-10T09:28:52.465Z",
"dateReserved": "2026-01-22T08:43:55.767Z",
"dateUpdated": "2026-02-10T15:37:07.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48208 (GCVE-0-2025-48208)
Vulnerability from nvd – Published: 2025-09-09 09:31 – Updated: 2025-11-04 21:10
VLAI
Title
Apache HertzBeat (incubating): Jmx JNDI injection vulnerability
Summary
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .
The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.
This issue affects Apache HertzBeat: through 1.7.2.
Users are recommended to upgrade to version [1.7.3], which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat (incubating) |
Affected:
0 , ≤ 1.7.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:48:31.167107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T14:22:30.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:58.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/06/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.7.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F10wers13eiCHeng"
},
{
"lang": "en",
"type": "finder",
"value": "aftersnow"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027) vulnerability in Apache HertzBeat .\u003c/p\u003e\n\n\n\n\n\n\n\n\n\n\n\u003cp\u003eThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: through 1.7.2.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version [1.7.3], which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027) vulnerability in Apache HertzBeat .\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\n\nThis issue affects Apache HertzBeat: through 1.7.2.\n\nUsers are recommended to upgrade to version [1.7.3], which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-90",
"description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T09:31:35.585Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat (incubating): Jmx JNDI injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-48208",
"datePublished": "2025-09-09T09:31:35.585Z",
"dateReserved": "2025-05-18T00:58:41.640Z",
"dateUpdated": "2025-11-04T21:10:58.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24404 (GCVE-0-2025-24404)
Vulnerability from nvd – Published: 2025-09-09 09:30 – Updated: 2025-11-04 21:09
VLAI
Title
Apache HertzBeat (incubating): RCE by parse http sitemap xml response
Summary
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.
The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-91 - XML Injection (aka Blind XPath Injection)
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat (incubating) |
Affected:
0 , < 1.7.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T14:22:00.539407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T14:22:22.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:09:42.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/06/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "unam4"
},
{
"lang": "en",
"type": "finder",
"value": "springkill"
},
{
"lang": "en",
"type": "finder",
"value": "Zoiltin"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eXML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.\u003c/p\u003e\n\n\n\n\n\n\n\n\n\n\n\u003cp\u003eThe attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.7.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.7.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.\n\nThis issue affects Apache HertzBeat (incubating): before 1.7.0.\n\nUsers are recommended to upgrade to version 1.7.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91 XML Injection (aka Blind XPath Injection)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T09:30:59.424Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/4ydy3tqbpwmhl79mcj3pxwqz62nggrfd"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat (incubating): RCE by parse http sitemap xml response",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-24404",
"datePublished": "2025-09-09T09:30:59.424Z",
"dateReserved": "2025-01-21T14:41:26.279Z",
"dateUpdated": "2025-11-04T21:09:42.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-56736 (GCVE-0-2024-56736)
Vulnerability from nvd – Published: 2025-04-16 15:38 – Updated: 2025-04-16 18:03
VLAI
Title
Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
Summary
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/kdzg36h9yxp0q0n4l… | vendor-advisory |
| https://lists.apache.org/thread/lwfhsllos1rx9v8k0… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2025/04/16/1 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.7.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:58:05.077389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:58:29.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-16T18:03:38.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/16/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "tonghuaroot"
},
{
"lang": "en",
"type": "finder",
"value": "zyufoye"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eServer-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.7.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.7.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat (incubating): before 1.7.0.\n\nUsers are recommended to upgrade to version 1.7.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:38:11.307Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/kdzg36h9yxp0q0n4lhcfppxntjy8rj1x"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lwfhsllos1rx9v8k0yhl252cbpqpn0sv"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-56736",
"datePublished": "2025-04-16T15:38:11.307Z",
"dateReserved": "2024-12-28T04:17:54.835Z",
"dateUpdated": "2025-04-16T18:03:38.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41151 (GCVE-0-2024-41151)
Vulnerability from nvd – Published: 2024-11-18 08:45 – Updated: 2024-11-18 15:07
VLAI
Title
Apache HertzBeat: RCE by notice template injection vulnerability
Summary
Deserialization of Untrusted Data vulnerability in Apache HertzBeat.
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat: before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/p33tg0vo5nh6kscth… | vendor-advisory |
| https://lists.apache.org/thread/oor9nw6nh2ojnfw8d… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/6 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:31.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:07:19.992743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:07:22.821Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Li Yi Wei"
},
{
"lang": "en",
"type": "finder",
"value": "Elin Kai"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDeserialization of Untrusted Data vulnerability in Apache HertzBeat.\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Apache HertzBeat.\n\nThis vulnerability can only be exploited by authorized attackers.\n\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:45:49.288Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/p33tg0vo5nh6kscth4262ktsqo3h5lqo"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/oor9nw6nh2ojnfw8d8oxrv40cbtk5mwj"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: RCE by notice template injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-41151",
"datePublished": "2024-11-18T08:45:49.288Z",
"dateReserved": "2024-07-16T08:51:21.881Z",
"dateUpdated": "2024-11-18T15:07:22.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45791 (GCVE-0-2024-45791)
Vulnerability from nvd – Published: 2024-11-18 08:45 – Updated: 2024-11-18 15:04
VLAI
Title
Apache HertzBeat: Exposure sensitive token via http GET method with query string
Summary
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat: before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/jmbsfjsvrfnvosh1f… | vendor-advisory |
| https://lists.apache.org/thread/lvsczrp8kdynppmzy… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/5 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:39.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/5"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:04:51.251166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:04:55.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u00cdcaro Torres"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eExposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HertzBeat: before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:45:23.459Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/jmbsfjsvrfnvosh1ftrm3ry4j3sb7doz"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lvsczrp8kdynppmzyxtkh4ord4gpw1ph"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: Exposure sensitive token via http GET method with query string",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45791",
"datePublished": "2024-11-18T08:45:23.459Z",
"dateReserved": "2024-09-09T13:34:37.283Z",
"dateUpdated": "2024-11-18T15:04:55.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45505 (GCVE-0-2024-45505)
Vulnerability from nvd – Published: 2024-11-18 08:44 – Updated: 2024-11-18 15:05
VLAI
Title
Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities
Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/h8k14o1bfyod66p11… | vendor-advisory |
| https://lists.apache.org/thread/gvbc68krhqhht7mkk… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/11/16/4 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.1
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.1
(custom)
cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:37.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T15:05:15.319201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:05:53.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Unam4"
},
{
"lang": "en",
"type": "finder",
"value": "Springkilll"
},
{
"lang": "en",
"type": "finder",
"value": "yemoli"
},
{
"lang": "en",
"type": "finder",
"value": "yulate"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Apache HertzBeat (incubating).\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.6.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.1, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Apache HertzBeat (incubating).\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:44:46.165Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45505",
"datePublished": "2024-11-18T08:44:46.165Z",
"dateReserved": "2024-08-31T02:52:51.360Z",
"dateUpdated": "2024-11-18T15:05:53.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42323 (GCVE-0-2024-42323)
Vulnerability from nvd – Published: 2024-09-21 09:30 – Updated: 2024-09-23 15:23
VLAI
Title
Apache HertzBeat: RCE by snakeYaml deser load malicious xml
Summary
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.0.
Users are recommended to upgrade to version 1.6.0, which fixes the issue.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/r0c4tost4bllqc1n9… | vendor-advisory |
| https://lists.apache.org/thread/dwpwm572sbwon1mkn… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/09/21/1 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HertzBeat |
Affected:
0 , < 1.6.0
(semver)
|
|
| apache | hertzbeat |
Affected:
0 , < 1.6.0
(semver)
cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-21T13:05:19.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/09/21/1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-42323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T15:21:18.726403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T15:23:37.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HertzBeat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yulate"
},
{
"lang": "en",
"type": "reporter",
"value": "Liufeng Yi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).\u0026nbsp;\u003c/p\u003eThis vulnerability can only be exploited by authorized attackers.\u003cbr\u003e\u003cp\u003eThis issue affects Apache HertzBeat (incubating): before 1.6.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.6.0, which fixes the issue.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).\u00a0\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.0.\n\nUsers are recommended to upgrade to version 1.6.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-21T09:30:15.295Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/r0c4tost4bllqc1n9q6rmzs1slgsq63t"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/dwpwm572sbwon1mknlwhkpbom2y7skbx"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache HertzBeat: RCE by snakeYaml deser load malicious xml",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-42323",
"datePublished": "2024-09-21T09:30:15.295Z",
"dateReserved": "2024-07-30T08:25:01.718Z",
"dateUpdated": "2024-09-23T15:23:37.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42362 (GCVE-0-2024-42362)
Vulnerability from nvd – Published: 2024-08-20 20:56 – Updated: 2024-08-21 13:36
VLAI
Title
GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://github.com/apache/hertzbeat/pull/1611 | x_refsource_MISC |
| https://github.com/apache/hertzbeat/pull/1620 | x_refsource_MISC |
| https://github.com/apache/hertzbeat/pull/1620/fil… | x_refsource_MISC |
| https://github.com/apache/hertzbeat/commit/79f540… | x_refsource_MISC |
| https://github.com/apache/hertzbeat/commit/9dbbfb… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42362",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:33:20.650257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T13:36:54.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HertzBeat",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "\u003c 1.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:56:23.725Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1611",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1611"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1620",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1620"
},
{
"name": "https://github.com/apache/hertzbeat/pull/1620/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/pull/1620/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8"
},
{
"name": "https://github.com/apache/hertzbeat/commit/79f5408e345e8e89da97be05f43e3204a950ddfb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/commit/79f5408e345e8e89da97be05f43e3204a950ddfb"
},
{
"name": "https://github.com/apache/hertzbeat/commit/9dbbfb7812fc4440ba72bdee66799edd519d06bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/hertzbeat/commit/9dbbfb7812fc4440ba72bdee66799edd519d06bb"
}
],
"source": {
"advisory": "GHSA-q387-2hc7-vv6q",
"discovery": "UNKNOWN"
},
"title": "GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42362",
"datePublished": "2024-08-20T20:56:23.725Z",
"dateReserved": "2024-07-30T14:01:33.923Z",
"dateUpdated": "2024-08-21T13:36:54.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42361 (GCVE-0-2024-42361)
Vulnerability from nvd – Published: 2024-08-20 20:56 – Updated: 2024-09-03 14:54
VLAI
Title
GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/1f12ac9… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42361",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:54:29.935082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:54:10.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HertzBeat",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:56:20.155Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/manager/src/main/java/org/dromara/hertzbeat/manager/controller/MonitorsController.java#L202",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/manager/src/main/java/org/dromara/hertzbeat/manager/controller/MonitorsController.java#L202"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L242",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L242"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L295",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L295"
}
],
"source": {
"advisory": "GHSA-mpq5-hmgj-5f8w",
"discovery": "UNKNOWN"
},
"title": "GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42361",
"datePublished": "2024-08-20T20:56:20.155Z",
"dateReserved": "2024-07-30T14:01:33.923Z",
"dateUpdated": "2024-09-03T14:54:10.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51389 (GCVE-0-2023-51389)
Vulnerability from nvd – Published: 2024-02-22 15:59 – Updated: 2024-08-22 17:54
VLAI
Title
HertzBeat SnakeYAML Deser RCE
Summary
Hertzbeat is a real-time monitoring system. At the interface of `/define/yml`, SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML deserialization vulnerability. Version 1.4.1 fixes this vulnerability.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/97c3f… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51389",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T18:54:45.617098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T17:54:37.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. At the interface of `/define/yml`, SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML deserialization vulnerability. Version 1.4.1 fixes this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:59:29.842Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rmvr-9p5x-mm96"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/97c3f14446d1c96d1fc993df111684926b6cce17"
}
],
"source": {
"advisory": "GHSA-rmvr-9p5x-mm96",
"discovery": "UNKNOWN"
},
"title": "HertzBeat SnakeYAML Deser RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51389",
"datePublished": "2024-02-22T15:59:29.842Z",
"dateReserved": "2023-12-18T19:35:29.004Z",
"dateUpdated": "2024-08-22T17:54:37.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51388 (GCVE-0-2023-51388)
Vulnerability from nvd – Published: 2024-02-22 15:53 – Updated: 2024-08-14 19:09
VLAI
Title
HertzBeat AviatorScript Inject RCE
Summary
Hertzbeat is a real-time monitoring system. In `CalculateAlarm.java`, `AviatorEvaluator` is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this vulnerability.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/8dcf0… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51388",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:08:29.282771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:09:04.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. In `CalculateAlarm.java`, `AviatorEvaluator` is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:53:46.458Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
}
],
"source": {
"advisory": "GHSA-mcqg-gqxr-hqgj",
"discovery": "UNKNOWN"
},
"title": "HertzBeat AviatorScript Inject RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51388",
"datePublished": "2024-02-22T15:53:46.458Z",
"dateReserved": "2023-12-18T19:35:29.003Z",
"dateUpdated": "2024-08-14T19:09:04.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51653 (GCVE-0-2023-51653)
Vulnerability from nvd – Published: 2024-02-22 15:39 – Updated: 2025-04-22 16:19
VLAI
Title
Hertzbeat JMX JNDI RCE
Summary
Hertzbeat is a real-time monitoring system. In the implementation of `JmxCollectImpl.java`, `JMXConnectorFactory.connect` is vulnerable to JNDI injection. The corresponding interface is `/api/monitor/detect`. If there is a URL field, the address will be used by default. When the URL is `service:jmx:rmi:///jndi/rmi://xxxxxxx:1099/localHikari`, it can be exploited to cause remote code execution. Version 1.4.1 contains a fix for this issue.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/f794b… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dromara:hertzbeat:1.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"lessThan": "1.4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-23T18:07:08.817204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T16:19:23.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is a real-time monitoring system. In the implementation of `JmxCollectImpl.java`, `JMXConnectorFactory.connect` is vulnerable to JNDI injection. The corresponding interface is `/api/monitor/detect`. If there is a URL field, the address will be used by default. When the URL is `service:jmx:rmi:///jndi/rmi://xxxxxxx:1099/localHikari`, it can be exploited to cause remote code execution. Version 1.4.1 contains a fix for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T15:39:49.280Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-gcmp-vf6v-59gg"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/f794b0d82be49c596c04a042976446559eb315ef"
}
],
"source": {
"advisory": "GHSA-gcmp-vf6v-59gg",
"discovery": "UNKNOWN"
},
"title": "Hertzbeat JMX JNDI RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51653",
"datePublished": "2024-02-22T15:39:49.280Z",
"dateReserved": "2023-12-20T22:12:04.737Z",
"dateUpdated": "2025-04-22T16:19:23.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51650 (GCVE-0-2023-51650)
Vulnerability from nvd – Published: 2023-12-22 20:56 – Updated: 2025-04-23 16:17
VLAI
Title
Unauthorized access vulnerability on three interfaces
Summary
Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/releases/tag… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:33.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2"
},
{
"name": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51650",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T16:44:50.661080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:17:23.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T20:56:37.097Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2"
},
{
"name": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/releases/tag/v1.4.1"
}
],
"source": {
"advisory": "GHSA-rrc5-qpxr-5jm2",
"discovery": "UNKNOWN"
},
"title": "Unauthorized access vulnerability on three interfaces"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51650",
"datePublished": "2023-12-22T20:56:37.097Z",
"dateReserved": "2023-12-20T22:12:04.737Z",
"dateUpdated": "2025-04-23T16:17:23.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51387 (GCVE-0-2023-51387)
Vulnerability from nvd – Published: 2023-12-22 20:46 – Updated: 2024-08-02 22:32
VLAI
Title
Expression Injection Vulnerability in Hertzbeat
Summary
Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1.
Severity
7.2 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/dromara/hertzbeat/security/adv… | x_refsource_CONFIRM |
| https://github.com/dromara/hertzbeat/commit/8dcf0… | x_refsource_MISC |
| https://github.com/dromara/hertzbeat/blob/6b59949… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hertzbeat",
"vendor": "dromara",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T20:46:29.236Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj"
},
{
"name": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2"
},
{
"name": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dromara/hertzbeat/blob/6b599495763120ad1df6f4ed4b6713bb4885d8e2/home/blog/2023-09-26-hertzbeat-v1.4.1.md"
}
],
"source": {
"advisory": "GHSA-4576-m8px-w9qj",
"discovery": "UNKNOWN"
},
"title": "Expression Injection Vulnerability in Hertzbeat"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51387",
"datePublished": "2023-12-22T20:46:29.236Z",
"dateReserved": "2023-12-18T19:35:29.003Z",
"dateUpdated": "2024-08-02T22:32:09.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}