Authorized Attackers can Exploit Deserialization of Untrusted Data Vulnerability in Apache HertzBeat Before 1.6.1

CVE-2024-41151

Currently unrated 🤨

Key Information

Vendor: Apache
Status: Apache Hertzbeat
Vendor: CVE Published:; 18 November 2024

Summary

Deserialization of Untrusted Data vulnerability in Apache HertzBeat. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue.

Affected Version(s)

Apache HertzBeat < 1.6.1

Timeline

Vulnerability published.
Nov 18, 2024
Vulnerability Reserved.
Jul 16, 2024

Collectors

NVD DatabaseMitre Database

Credit

Li Yi Wei

Elin Kai