High severityNVD Advisory· Published Jul 27, 2021· Updated Aug 4, 2024
CVE-2021-34802
CVE-2021-34802
Description
A failure in resetting the security context in some transaction actions in Neo4j Graph Database 4.2 and 4.3 could allow authenticated users to execute commands with elevated privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.neo4j:neo4j-kernelMaven | >= 4.2.0, < 4.2.8 | 4.2.8 |
Affected products
2- Neo4j/Graph Databasedescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-2w4h-f44w-968fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-34802ghsaADVISORY
- neo4j.comghsax_refsource_MISCWEB
- neo4j.com/developer/kb/neo4j-4-2-x-sec-vuln-fixghsaWEB
- neo4j.com/developer/kb/neo4j-4-2-x-sec-vuln-fix/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.