CVE-2023-51650

Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:38

Type Values Removed Values Added
References () https://github.com/dromara/hertzbeat/releases/tag/v1.4.1 - Release Notes () https://github.com/dromara/hertzbeat/releases/tag/v1.4.1 - Release Notes
References () https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 - Exploit, Vendor Advisory () https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 - Exploit, Vendor Advisory

28 Aug 2024, 15:44

Type Values Removed Values Added
CPE cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:* cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*
First Time Apache
Apache hertzbeat

03 Jan 2024, 19:53

Type Values Removed Values Added
CPE cpe:2.3:a:dromara:hertzbeat:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References () https://github.com/dromara/hertzbeat/releases/tag/v1.4.1 - () https://github.com/dromara/hertzbeat/releases/tag/v1.4.1 - Release Notes
References () https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 - () https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 - Exploit, Vendor Advisory
First Time Dromara
Dromara hertzbeat

22 Dec 2023, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-22 21:15

Updated : 2024-11-21 08:38


NVD link : CVE-2023-51650

Mitre link : CVE-2023-51650

CVE.ORG link : CVE-2023-51650


JSON object : View

Products Affected

apache

  • hertzbeat
CWE
CWE-862

Missing Authorization