CVE-2024-45791

CVE-2024-45791: Apache HertzBeat: Exposure sensitive token via http GET method with query string

Vendor Apache Software Foundation

Product Apache HertzBeat

Weakness CWE-200 · Info exposure

Published November 18, 2024

Last update November 18, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue.

Key dates

Disclosure timeline

November 18, 2024 CVE published

November 18, 2024 Record updated