{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-48208", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2025-05-18T00:58:41.640Z", "datePublished": "2025-09-09T09:31:35.585Z", "dateUpdated": "2025-09-10T14:22:30.363Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache HertzBeat (incubating)", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "1.7.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "F10wers13eiCHeng"}, {"lang": "en", "type": "finder", "value": "aftersnow"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .</p>\n\n\n\n\n\n\n\n\n\n\n<p>The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.</p><p>This issue affects Apache HertzBeat: through 1.7.2.</p><p>Users are recommended to upgrade to version [1.7.3], which fixes the issue.</p>"}], "value": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\n\nThis issue affects Apache HertzBeat: through 1.7.2.\n\nUsers are recommended to upgrade to version [1.7.3], which fixes the issue."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-90", "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2025-09-09T09:31:35.585Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache HertzBeat (incubating): Jmx JNDI injection vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-10T13:48:31.167107Z", "id": "CVE-2025-48208", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-10T14:22:30.363Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-48208", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-10T13:48:31.167107Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-10T13:48:23.634Z"}}], "cna": {"title": "Apache HertzBeat (incubating): Jmx JNDI injection vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "F10wers13eiCHeng"}, {"lang": "en", "type": "finder", "value": "aftersnow"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache HertzBeat (incubating)", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.7.2"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\n\nThis issue affects Apache HertzBeat: through 1.7.2.\n\nUsers are recommended to upgrade to version [1.7.3], which fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .</p>\n\n\n\n\n\n\n\n\n\n\n<p>The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.</p><p>This issue affects Apache HertzBeat: through 1.7.2.</p><p>Users are recommended to upgrade to version [1.7.3], which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-90", "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2025-09-09T09:31:35.585Z"}}}, "cveMetadata": {"cveId": "CVE-2025-48208", "state": "PUBLISHED", "dateUpdated": "2025-09-10T14:22:30.363Z", "dateReserved": "2025-05-18T00:58:41.640Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2025-09-09T09:31:35.585Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*", "matchCriteriaId": "FAD2A7E1-247D-4A08-9F50-643DEDE88FA0", "versionEndExcluding": "1.7.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .\n\n\n\n\n\n\n\n\n\n\n\n\nThe attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution.\n\nThis issue affects Apache HertzBeat: through 1.7.2.\n\nUsers are recommended to upgrade to version [1.7.3], which fixes the issue."}], "id": "CVE-2025-48208", "lastModified": "2025-09-10T15:54:50.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-09T10:15:33.287", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-90"}], "source": "security@apache.org", "type": "Secondary"}]}

{}