Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
References
Link | Resource |
---|---|
https://github.com/dromara/hertzbeat/releases/tag/v1.4.1 | Release Notes |
https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 | Exploit Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-12-22T20:56:37.097Z
Updated: 2023-12-22T20:56:37.097Z
Reserved: 2023-12-20T22:12:04.737Z
Link: CVE-2023-51650
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-22T21:15:09.503
Modified: 2024-01-03T19:53:37.357
Link: CVE-2023-51650
JSON object: View
Redhat Information
No data.
CWE