CVE-2024-45505
CVSS V2 None
CVSS V3 None
Description
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.1.
Users are recommended to upgrade to version 1.6.1, which fixes the issue.
Overview
- CVE ID
- CVE-2024-45505
- Assigner
- apache
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-18T08:44:46.165Z
- Last Modified Date
- 2024-11-18T15:05:53.026Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19 | vendor-advisory |
| https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0 | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-45505 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45505 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-19 13:19:23 | Added to TrackCVE |