HIGH🇵🇱 Wersja polska

CVE-2022-37423

CVSS 7.5v3.1pub. 2022-08-12upd. 2024-11-21

Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Neo4j Awesome Procedures On Cypher

    APP
    Neo4J
    < 4.3.0.74.4.0.0 – 4.4.0.8 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2021-42767CRITICAL9.1ten sam vendor

A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attacker...

CVE-2021-34371CRITICAL9.8ten sam vendor

Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java...

CVE-2018-1000820CRITICAL10.0ten sam vendor

neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnera...

CVE-2018-18389CRITICAL9.8ten sam vendor

Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP fo...

CVE-2022-23532HIGH7.1ten sam vendor

APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j that provides hundreds of procedures and fu...