CVE-2024-27348

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

94.3%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.

Technical Details

Published
4/22/2024
Exploit-DB
EDB-52149

Frequently Asked Questions

What is CVE-2024-27348?

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.

Is CVE-2024-27348 actively exploited?

Active exploitation of CVE-2024-27348 has not been confirmed. The EPSS score is 94.3%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-27348?

CVE-2024-27348 has a CVSS v3 base score of 9.8 (CRITICAL severity).

Is CVE-2024-27348 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.