Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP for authentication with STARTTLS, and System Account for authorization, allows an attacker to log into the server by sending any valid username with an arbitrary password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Neo4j Enterprise Database Server 安全漏洞
Vulnerability Description
Neo4j Enterprise Database Server是美国Neo公司的一款基于Java的且完全兼容ACID的图形数据库,它支持数据迁移、附加组件等。 Neo4j Enterprise Database Server 3.4.9之前的3.4.x版本中存在安全漏洞,该漏洞源于程序没有执行正确的访问控制。攻击者可通过发送带有任意密码的任意有效用户名利用该漏洞登录到服务器。
CVSS Information
N/A
Vulnerability Type
N/A