CVE-2023-51650: Unauthorized access vulnerability on three interfaces
First published: Fri Dec 22 2023(Updated: )
Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Hertzbeat | <1.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/author
- agent/title
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/apache
- canonical/apache hertzbeat