{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:56:13.500","vulnerabilities":[{"cve":{"id":"CVE-2024-45505","sourceIdentifier":"security@apache.org","published":"2024-11-18T09:15:05.870","lastModified":"2025-06-24T16:23:59.003","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un comando ('Inyección de comandos') en Apache HertzBeat (en incubación). Esta vulnerabilidad solo puede ser explotada por atacantes autorizados. Este problema afecta a Apache HertzBeat (en incubación): versiones anteriores a la 1.6.1. Se recomienda a los usuarios que actualicen a la versión 1.6.1, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*","versionEndExcluding":"1.6.1","matchCriteriaId":"31A840B0-6D88-40B3-8EFF-312BCE77DC0D"}]}]}],"references":[{"url":"https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/11/16/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}