CVE-2023-51387

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-51387
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51387.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-51387
Aliases
  • GHSA-4576-m8px-w9qj
Published
2023-12-22T20:46:29.236Z
Modified
2026-04-12T06:44:58.172839Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Expression Injection Vulnerability in Hertzbeat
Details

Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-94"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/51xxx/CVE-2023-51387.json"
}
References

Affected packages

Git / github.com/apache/hertzbeat

Affected ranges

Type
GIT
Repo
https://github.com/apache/hertzbeat
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2
Type
GIT
Repo
https://github.com/apache/hertzbeat
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51387.json"
vanir_signatures_modified 
"2026-04-12T06:44:58Z"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "1.4.1"
            }
        ]
    }
]
vanir_signatures 
[
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/apache/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "274775634421276378436326844491850087155",
                "128393106103258956987014331142665941882",
                "3432327775432734745529021815806477575",
                "102967356149164166109685571045507810064"
            ]
        },
        "id": "CVE-2023-51387-11378682",
        "deprecated": false,
        "target": {
            "file": "common/src/test/java/org/dromara/hertzbeat/common/config/AviatorConfigurationTest.java"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/apache/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "74708616442641397348423916365962824082",
                "77096554783898034189241389006509026379",
                "9735618267274334251772998096512522863",
                "312878533461543084548085465714826384563",
                "70717211903190448744977739483752820958",
                "302177120682052617560229298450366854353",
                "58717572691508086259303641244349212999",
                "328940450055653003194989771905427156507",
                "179449344807575227043281210427035794002",
                "272455907041846220979147902236925902041",
                "199183973939738630114866595826804051251",
                "274472597282784781626149211244042460510",
                "137463512803590457496429705538433839916",
                "108902009683142407908436038768132257668",
                "268054759885468681381021315422413284125",
                "223585108349330856241056143378929791157"
            ]
        },
        "id": "CVE-2023-51387-34ccf40b",
        "deprecated": false,
        "target": {
            "file": "common/src/main/java/org/dromara/hertzbeat/common/config/AviatorConfiguration.java"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/apache/hertzbeat/commit/8dcf050e27ca95d15460a7ba98a3df8a9cd1d3d2",
        "digest": {
            "function_hash": "48332701360318354387238206730059399375",
            "length": 1072.0
        },
        "id": "CVE-2023-51387-f553703a",
        "deprecated": false,
        "target": {
            "file": "common/src/main/java/org/dromara/hertzbeat/common/config/AviatorConfiguration.java",
            "function": "configAviatorEvaluator"
        }
    }
]