QwikSec

Security Database

CVE

CWE

Training

CVE-2024-45505

Published: Nov 18, 2024

Modified: Nov 18, 2024

PUBLISHED

Description

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue.

Vendor	Product	Versions
Apache Software Foundation	Apache HertzBeat	affected `0 - < 1.6.1`

Weaknesses (CWE)

References

https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19

vendor-advisory

https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.