CVE-2023-51650

high

Description

Hertzbeat is an open-source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues allowed unauthorized access to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.

References

https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2

https://github.com/dromara/hertzbeat/releases/tag/v1.4.1

Details

Source: Mitre, NVD

Published: 2023-12-22

Updated: 2024-08-28

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00694