CVE-2024-34517

Medium

The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin…

mitre·CWE-471·Published 2024-05-07

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

143 chars

The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access.

NVDen

143 chars

The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access.

OSV.deven

80 chars

The Cypher component in Neo4j between v.5.0.0 and v.5.19.0 mishandles IMMUTABLE.

GHSAen

80 chars

The Cypher component in Neo4j between v.5.0.0 and v.5.19.0 mishandles IMMUTABLE.

NVDes

86 chars

El componente Cypher en Neo4j anterior a 5.19.0 maneja mal los privilegios IMMUTABLES.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
3.1	Primary	NVD	6.5	1.2	5.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N