Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
对假设不可变数据的修改(MAID)
Vulnerability Title
Neo4j 安全漏洞
Vulnerability Description
Neo4j是美国Neo4j公司的一款基于Java的且完全兼容ACID的图形数据库,它支持数据迁移、附加组件等。 Neo4j 5.19.0之前版本存在安全漏洞,该漏洞源于Cypher 组件错误地处理了 IMMUTABLE 权限。
CVSS Information
N/A
Vulnerability Type
N/A