- Description
- Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005 through 4.8.0-beta00016. An attacker that can intercept traffic between a replication client and server, or control the target replication node URL, can provide a specially-crafted JSON response that is deserialized as an attacker-provided exception type. This can result in remote code execution or other potential unauthorized access. Users are recommended to upgrade to version 4.8.0-beta00017, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Apache Lucene NET の脆弱性 CVE-2024-43383 がFIX:直ちにアップデートを! https://t.co/6rlvGxglSJ #Apache #Lucene #LucenedotNET #OpenSource #Vulnerability
@iototsecnews
11 Nov 2024
76 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Lucene fixes CVE-2024-43383 #ApacheLucene #CVE-2024-43383 https://t.co/D4JQ4jrN3H
@pravin_karthik
2 Nov 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-43383: Critical Flaw in Apache https://t.co/4lXC58tUjW Exposes Users to Remote Code CVE-2024-43383 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/ooZzCaJAcP #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
1 Nov 2024
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-43383: Critical vuln in Apache https://t.co/CUUyTUMbxi.Replicator up to 4.8.0-beta00016 leads to Privilege Escalation. Upgrade affected component immediately to mitigate risk. #CyberSecurity #InfoSec
@oktsec
31 Oct 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43383 Deserialization of Untrusted Data vulnerability in Apache https://t.co/zmxy8J0LiM.Replicator. This issue affects Apache https://t.co/ZsGxqOoySQ's Replicator library: from 4.8.0-beta00005 thro… https://t.co/YLpXlOHuJj
@CVEnew
31 Oct 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00005:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79E25A9C-01FC-44B3-9A5E-F5E1D3CFADD7"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00006:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7553B675-B9BE-4969-81F4-0757F91478CE"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00007:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1405236D-970D-4879-A98C-87693C758494"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00008:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07188547-C926-4937-87E9-23546E2EABFB"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00009:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74865A6E-42F5-4C8E-9159-63240AE55BAC"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00010:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC844BB8-F736-4DFD-9410-E45558F112B7"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00011:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4FB017B-3FE4-4272-AB5C-292F4833BD81"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00012:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5882F11D-D145-46D3-8740-D4336E34F323"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00013:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24AD241C-97F8-4F93-811C-99E707E2B0E6"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00014:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E363C64-EE85-4302-8D26-71B11D8B9B5C"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00015:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB9EB424-2545-4B57-8284-68AD0E57A92A"
},
{
"criteria": "cpe:2.3:a:apache:lucene.net:4.8.0:beta00016:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8B783C0-35FD-433D-A597-3B2B3B5E190A"
}
],
"operator": "OR"
}
]
}
]