vulnerability

Apache HugeGraph: CVE-2024-27349: Authentication Bypass by Spoofing

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:N)

Published

Apr 22, 2024

Added

Apr 15, 2025

Modified

Mar 25, 2026

Description

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0.

Users are recommended to upgrade to version 1.3.0, which fixes the issue.

Solution

apache-hugegraph-upgrade-latest

References

CWE-290
CVE-2024-27349
https://attackerkb.com/topics/CVE-2024-27349
http://www.openwall.com/lists/oss-security/2024/04/22/4
https://lists.apache.org/thread/dz9n9lndqfsf64t72o73r7sttrc6ocsd
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-1128

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report