Vulnerabilities > CVE-2024-34517 - Unspecified vulnerability in Neo4J
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- https://github.com/advisories/GHSA-p343-9qwp-pqxv
- https://github.com/advisories/GHSA-p343-9qwp-pqxv
- https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher
- https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher
- https://neo4j.com/security/cve-2024-34517/
- https://neo4j.com/security/cve-2024-34517/
- https://trust.neo4j.com
- https://trust.neo4j.com