CNNVD-202509-1407 Information
Sep 09, 2025
cve
CNNVD ID
CNNVD-202509-1407
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Apache HertzBeat是美国阿帕奇(Apache)公司的一个可以监控各种组件的工具。 Apache HertzBeat 1.7.2及之前版本存在注入漏洞,该漏洞源于LDAP查询中特殊元素中和不当,可能导致LDAP注入攻击。
Description (English)
Apache Hertz Beat is a tool for the United States company Apache to monitor various components. There is an injection loophole in Apache Hertz Beat 1.7.2 and earlier versions, which stems from the inaccuracy of special elements in the LDAP query, which could lead to an LDAP injection attack.
Hazard Level
Medium
Vulnerability Type
注入
Affected Vendor
Apache Friends
Published
2025-09-09
Last Modified
2026-02-24
References
https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2
Patch
https://hertzbeat.apache.org/zh-cn/docs/download/
Share on: