ByteOS Network

NVD Vulnerability Details :

CVE-2022-37423

Analyzed

Source-cve@mitre.org

Published At-12 Aug, 2022 | 15:15

Updated At-16 Aug, 2022 | 15:29

Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CPE Matches

neo4j>>awesome_procedures_on_cypher>>Versions before 4.3.0.7(exclusive)

cpe:2.3:a:neo4j:awesome_procedures_on_cypher:*:*:*:*:*:*:*:*

neo4j>>awesome_procedures_on_cypher>>Versions from 4.4.0.0(inclusive) to 4.4.0.8(exclusive)

cpe:2.3:a:neo4j:awesome_procedures_on_cypher:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-22	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://github.com/neo4j-contrib/neo4j-apoc-procedures/security/advisories/GHSA-78f9-745f-278p	cve@mitre.org	Exploit Third Party Advisory
https://neo4j.com/docs/aura/platform/apoc/	cve@mitre.org	Product Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History