CVE-2024-43441

Name of the Vulnerable Software and Affected Versions Apache HugeGraph-Server versions 1.0.0 through 1.5.0

Description The issue is related to an authentication bypass vulnerability in Apache HugeGraph-Server, which can be exploited by remote attackers to execute arbitrary code. This vulnerability is caused by the exploitation of assumed-immutable data.

Recommendations To resolve the issue, users are recommended to upgrade to version 1.5.0, which fixes the issue. As a temporary workaround, consider restricting access to sensitive graph data until the upgrade is applied.