The Download
CISA, the US Cybersecurity and Infrastructure Security Agency, issued a warning about a critical vulnerability (CVE-2023-41887) in Apache HugeGraph Server that is being actively exploited. The flaw allows attackers to bypass authentication, potentially granting them control of the server and access to sensitive data. It affects versions prior to 1.1.4; once exploited, it allows arbitrary code execution, which can lead to broader network compromise.
Although the vulnerability was disclosed in April 2024, CISA added it to its Known Exploited Vulnerabilities (KEV) catalog based on intelligence of active compromise, and mandates that federal agencies patch it by October 9th.
What You Can Do
To protect against this vulnerability, IT administrators should immediately update Apache HugeGraph Server to the latest version (1.3.0 or higher), which includes the necessary patches. In addition, CISA suggests the following steps: use Java 11, enable the Auth system, and use the IP/port whitelisting function so that access is granted only to authorized users and devices. To understand your attack surface, run a ThreatMate vulnerability scan.
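As an added example (not code from the advisory or the HugeGraph project), the helper below applies the three checks above to data collected from your own servers: the reported version, and the server's properties file. The sample inputs are constructed, and the property key names `auth.authenticator` and `whitelist.enabled` are assumptions standing in for the Auth and IP/port allow-list settings of the deployment being reviewed.

```python
import re

FIXED_VERSION = (1, 3, 0)  # release the advisory says to upgrade to


def parse_version(text):
    """Turn 'v1.2.0' or '1.3.0-SNAPSHOT' into a comparable tuple; reject garbage."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def parse_properties(text):
    """Minimal Java .properties reader: key=value lines, '#' comments ignored."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def assess(version_text, properties_text):
    """Return the list of advisory mitigations still outstanding for one server."""
    findings = []
    if parse_version(version_text) < FIXED_VERSION:
        findings.append("upgrade: server version is below 1.3.0")
    props = parse_properties(properties_text)
    # Assumed key: an empty authenticator means the Auth system is off.
    if not props.get("auth.authenticator"):
        findings.append("enable Auth: auth.authenticator is unset")
    # Assumed key for the IP/port allow-list feature the advisory mentions.
    if props.get("whitelist.enabled", "false").lower() != "true":
        findings.append("enable IP/port allow-list: whitelist.enabled is not true")
    return findings


# Constructed sample: an unpatched server with Auth and the allow-list disabled.
SAMPLE_VERSION = "v1.2.0"
SAMPLE_PROPERTIES = """
# rest-server.properties (constructed excerpt)
restserver.url=http://0.0.0.0:8080
auth.authenticator=
whitelist.enabled=false
"""

if __name__ == "__main__":
    for finding in assess(SAMPLE_VERSION, SAMPLE_PROPERTIES):
        print("-", finding)
```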
To Learn More: