An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.
References
Link | Resource |
---|---|
https://dev.tigergraph.com/forum/c/tg-community/announcements/35 | Vendor Advisory |
https://neo4j.com/security/cve-2023-22950/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-04-13T00:00:00
Updated: 2023-04-13T00:00:00
Reserved: 2023-01-11T00:00:00
Link: CVE-2023-22950
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-13T18:15:07.133
Modified: 2023-05-04T13:31:57.710
Link: CVE-2023-22950
JSON object: View
Redhat Information
No data.
CWE