CVE Vulnerabilities

CVE-2024-43441

Authentication Bypass by Assumed-Immutable Data

Published: Dec 24, 2024 | Modified: Jul 01, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server.

This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0.

Users are recommended to upgrade to version 1.5.0, which fixes the issue.

Weakness

The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.

Affected Software

Name Vendor Start Version End Version
Hugegraph Apache 1.0.0 (including) 1.5.0 (excluding)

Potential Mitigations

References