漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Enumeration of restricted property value
Vulnerability Description
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database. The vulnerability allows attacker without read access to a property to infer information about its value by trying to enumerate all possible values through observing error messages of SET property. We recommend upgrading to 2025.11.2 or 5.26.17 and above, where the issues is fixed.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Neo4j Enterprise Edition 安全漏洞
Vulnerability Description
Neo4j Enterprise Edition是美国Neo4j公司的一款图数据库。 Neo4j Enterprise Edition 2025.11.2之前版本和5.26.17之前版本存在安全漏洞,该漏洞源于攻击者可通过观察错误消息枚举属性值,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A