CISA warns of actively exploited Apache HugeGraph-Server bug
Oeisdigitalinvestigator.com:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server.
The flaw, tracked as CVE-2024-27348 and rated critical (CVSS v3.1 score: 9.8), is an improper access control vulnerability that affects HugeGraph-Server versions from 1.0.0 up to, but not including, 1.3.0.
Apache fixed the vulnerability on April 22, 2024, with the release of version 1.3.0. Apart from upgrading to the latest version, users were also advised to use Java 11 and to enable the Auth system.
Also, enabling the "Whitelist-IP/port" function was recommended to improve the security of RESTful-API execution, which was involved in potential attack chains.
Now, CISA has warned that active exploitation of CVE-2024-27348 has been observed in the wild, giving federal agencies and other critical infrastructure organizations until October 9, 2024, to apply mitigations or discontinue use of the product.
Apache HugeGraph-Server is the core component of the Apache HugeGraph project, an open-source graph database designed for handling large-scale graph data with high performance and scalability, supporting complex operations required in deep relationship exploitation, data clustering, and path searches.
The product is used, among others, by telecom providers for fraud detection and network analysis, by financial services for risk control and transaction pattern analysis, and by social networks for connection analysis and automated recommendation systems.
With active exploitation underway and the product deployed in what appear to be high-value enterprise environments, applying the available security updates and mitigations as soon as possible is imperative.
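As an added example (not code from the article, from CISA, or from the HugeGraph project), the following Python triage helper applies the affected range stated above (1.0.0 inclusive up to 1.3.0 exclusive) and the advised mitigations (Java 11, Auth system enabled) to a constructed inventory of instances. The Instance fields, the host names, and the conservative treatment of a pre-release tag on 1.3.0 are assumptions of the example, not facts from the advisory.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Affected range for CVE-2024-27348 as stated in the article:
# 1.0.0 (inclusive) up to, but not including, 1.3.0 (the release carrying the fix).
AFFECTED_MIN = (1, 0, 0)
FIXED_AT = (1, 3, 0)


def parse_version(text: str) -> tuple[tuple[int, int, int], str | None]:
    """Parse 'v1.2.0', '1.3.0-SNAPSHOT' or '1.10.0' into an int tuple plus an
    optional pre-release/build tag. Comparing int tuples avoids the classic
    string-compare bug where '1.10.0' sorts below '1.3.0'."""
    m = re.match(r"^v?(\d+)\.(\d+)(?:\.(\d+))?(?:[-+]([0-9A-Za-z.]+))?$", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return nums, m.group(4)


def is_affected(version: str) -> bool:
    """True if the version falls inside the article's affected range."""
    nums, tag = parse_version(version)
    if AFFECTED_MIN <= nums < FIXED_AT:
        return True
    # Assumption (conservative): a pre-release build of the fixed version,
    # e.g. 1.3.0-SNAPSHOT, predates the release and is not assumed to carry the fix.
    return nums == FIXED_AT and tag is not None


@dataclass
class Instance:
    """One HugeGraph-Server deployment as recorded in an asset inventory (hypothetical schema)."""
    host: str
    version: str
    java_major: int
    auth_enabled: bool


def triage(inst: Instance) -> list[str]:
    """Return the list of actions needed for one instance; empty means nothing to do."""
    findings: list[str] = []
    if is_affected(inst.version):
        findings.append(f"CVE-2024-27348: upgrade {inst.version} to 1.3.0 or later")
    if inst.java_major < 11:
        findings.append(f"Java {inst.java_major}: advisory recommends Java 11")
    if not inst.auth_enabled:
        findings.append("Auth system disabled: enable it, even after upgrading")
    return findings


# Constructed sample inventory; these hosts and values are made up for the example.
SAMPLE_INVENTORY = [
    Instance("graph-01.example.internal", "1.2.0", 8, False),
    Instance("graph-02.example.internal", "v1.3.0", 11, True),
    Instance("graph-03.example.internal", "1.10.0", 11, True),
    Instance("graph-04.example.internal", "1.3.0-SNAPSHOT", 11, False),
]


def report(inventory: list[Instance] = SAMPLE_INVENTORY) -> dict[str, list[str]]:
    """Map each host to its findings so the result can be asserted on or exported."""
    return {inst.host: triage(inst) for inst in inventory}


if __name__ == "__main__":
    for host, findings in report().items():
        print(host, "OK" if not findings else "; ".join(findings))
```

Note that graph-03 at 1.10.0 is correctly reported as fixed only because versions are compared numerically; a naive string comparison would flag it as older than 1.3.0.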
The other four flaws added to KEV this time are:
- CVE-2020-0618: Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
- CVE-2019-1069: Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
- CVE-2022-21445: Oracle JDeveloper Remote Code Execution Vulnerability
- CVE-2020-14644: Oracle WebLogic Server Remote Code Execution Vulnerability
The inclusion of these older vulnerabilities is not a sign of recent exploitation but serves to enrich the KEV catalog by documenting security flaws that were confirmed to have been used in attacks at some point in the past.