Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NApache Hugegraph
APPApache1.0.0 – 1.3.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
Related vulnerabilities
CVE-2024-27348CRITICAL9.8⚠ KEVPL ✓ten sam produkt
RCE w Apache HugeGraph-Server — zdalne wykonanie poleceń bez uwierzytelnienia
CVE-2024-43441CRITICAL9.8PL ✓ten sam produkt
Authentication Bypass w Apache HugeGraph-Server (zakładane niezmienne dane)
CVE-2025-26866HIGH8.8ten sam produkt
A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserial...
CVE-2025-24813CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Apache Tomcat: Path Equivalence prowadzący do RCE i ujawnienia danych
CVE-2024-38856CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Apache OFBiz — nieautoryzowane wykonanie kodu przez błędną autoryzację