What is CVE-2024-43441?

CVE-2024-43441 is a vulnerability in Apache Software Foundation Hugegraph-server, classified under Authentication Bypass by Assumed-Immutable Data. Published 2024-12-24.

Is CVE-2024-43441 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Hugegraph-server

CVE-2024-43441

Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue.

EPSS: 0.894 (99.6th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Hugegraph-server — versions 1.0.0

Weakness classification (CWE)

CWE-302 — Authentication Bypass by Assumed-Immutable Data

Public proof-of-concept exploits

References

lists.apache.org/thread/h2607yv32wgcrywov960jpxhvsmmlf12 (vendor-advisory)

Frequently asked questions

What is CVE-2024-43441?: CVE-2024-43441 is a vulnerability in Apache Software Foundation Hugegraph-server, classified under Authentication Bypass by Assumed-Immutable Data. Published 2024-12-24.
Is CVE-2024-43441 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.