CVE-2021-34802

Description

A failure in resetting the security context in some transaction actions in Neo4j Graph Database 4.2 and 4.3 could allow authenticated users to execute commands with elevated privileges.

Risk Information

Base Score: 8.8 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 0.546

Associated Vulnerability

Vulnerability | OS Platform
CVE-2021-34802 is fixed in Neo4j-kernel 4.2.8 | Windows
CVE-2021-34802 is fixed in Neo4j-kernel for Linux 4.2.8 | Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234