Description
Neo4j through 3.4.18, when the shell server is enabled, exposes a Java RMI service that deserializes attacker-supplied Java objects without restriction, for example via the setSessionVariable method. Because the server's classpath contains dependencies with exploitable gadget chains, an attacker who can reach the RMI port can turn this deserialization into remote code execution.
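The first thing a practitioner wants to know is whether a host is actually exposing the shell server's RMI endpoint. The following script is an added example, not code from the advisory or from Neo4j: it performs only the Java RMI stream-protocol handshake (the `JRMI` magic, version and protocol byte, answered by a `ProtocolAck` frame) to confirm that a TCP port speaks RMI, and it never sends a call or deserializes anything, so it is safe against production systems. The default port 1337 is assumed to be the Neo4j 3.x shell server default (`dbms.shell.port`), and the in-process fake server is a constructed stand-in so the script runs offline.

```python
import socket
import struct
import threading

# Constants from the Java RMI wire protocol (JDK RMI specification).
JRMI_MAGIC = b"JRMI"        # 0x4a 0x52 0x4d 0x49
JRMI_VERSION = 2            # protocol version sent after the magic
STREAM_PROTOCOL = 0x4B      # StreamProtocol, what a normal RMI client uses
PROTOCOL_ACK = 0x4E         # server accepts the protocol
PROTOCOL_NACK = 0x4F        # ProtocolNotSupported

NEO4J_SHELL_DEFAULT_PORT = 1337  # assumption: Neo4j 3.x dbms.shell.port default


def build_handshake() -> bytes:
    """First bytes a Java RMI client sends: magic, version, protocol byte."""
    return JRMI_MAGIC + struct.pack(">HB", JRMI_VERSION, STREAM_PROTOCOL)


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before sending %d bytes" % n)
        buf += chunk
    return buf


def read_protocol_ack(sock: socket.socket):
    """Read the server's reply to the handshake from a live socket.

    A real RMI endpoint answers 0x4e followed by the client's endpoint as the
    server sees it: a Java UTF string (2-byte length prefix) and a 4-byte
    big-endian port. Returns (host, port), or None if the peer is not RMI."""
    if _recv_exact(sock, 1)[0] != PROTOCOL_ACK:
        return None
    (length,) = struct.unpack(">H", _recv_exact(sock, 2))
    host = _recv_exact(sock, length).decode("utf-8", "replace")
    (port,) = struct.unpack(">i", _recv_exact(sock, 4))
    return host, port


def parse_protocol_ack(data: bytes):
    """Same parsing over an already-captured byte string (e.g. from a pcap)."""
    if len(data) < 3 or data[0] != PROTOCOL_ACK:
        return None
    (length,) = struct.unpack(">H", data[1:3])
    if len(data) < 3 + length + 4:
        return None
    host = data[3:3 + length].decode("utf-8", "replace")
    (port,) = struct.unpack(">i", data[3 + length:7 + length])
    return host, port


def probe_rmi(host: str, port: int = NEO4J_SHELL_DEFAULT_PORT, timeout: float = 3.0):
    """Return the ProtocolAck (host, port) if host:port speaks Java RMI, else None.

    Only the handshake is exchanged: no RMI call is made and nothing is
    deserialized on either side."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.settimeout(timeout)
            sock.sendall(build_handshake())
            return read_protocol_ack(sock)
    except (OSError, ConnectionError):
        return None


def start_fake_rmi_server() -> int:
    """Constructed stand-in for an RMI endpoint so the probe can run offline.
    It is not Neo4j; it only mimics the ProtocolAck frame for one connection."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]

    def serve():
        conn, (peer_host, peer_port) = listener.accept()
        with conn, listener:
            if _recv_exact(conn, 7) == build_handshake():
                encoded = peer_host.encode()
                conn.sendall(bytes([PROTOCOL_ACK])
                             + struct.pack(">H", len(encoded)) + encoded
                             + struct.pack(">i", peer_port))
            else:
                conn.sendall(bytes([PROTOCOL_NACK]))

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    import sys
    if len(sys.argv) >= 2:          # probe_rmi.py <host> [port]
        target = sys.argv[1]
        port = int(sys.argv[2]) if len(sys.argv) > 2 else NEO4J_SHELL_DEFAULT_PORT
    else:                           # no target given: offline demo against the fake server
        target, port = "127.0.0.1", start_fake_rmi_server()
    result = probe_rmi(target, port)
    if result:
        print(f"{target}:{port} speaks Java RMI (server sees us as {result[0]}:{result[1]})")
    else:
        print(f"{target}:{port} did not answer the JRMI handshake")
```

A positive result only tells you that an RMI endpoint is listening on that port; whether it is the Neo4j shell server, and whether the build is a vulnerable one, still has to be confirmed from the deployment itself (version, `dbms.shell.*` settings).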
Remediation
The vulnerable RMI endpoint only exists when the shell server is enabled. Keep it disabled (in Neo4j 3.x this is the `dbms.shell.enabled` setting, which defaults to false); if it must be used, bind it to localhost and firewall its port (`dbms.shell.port`, default 1337) so it is unreachable from untrusted networks, and upgrade to a release later than 3.4.18.
References
https://www.exploit-db.com/exploits/50170
Related Vulnerabilities
CVE-2020-7786 Vulnerability in npm package macfromip
CVE-2016-5004 Vulnerability in maven package org.apache.xmlrpc:xmlrpc
CVE-2023-46998 Vulnerability in maven package org.webjars.npm:bootbox.js
CVE-2021-23342 Vulnerability in maven package org.webjars.npm:docsify
CVE-2023-33246 Vulnerability in maven package org.apache.rocketmq:rocketmq-controller