CVE-2023-22950 in Enterprise Free Edition
Summary
by MITRE • 04/13/2023
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.
Analysis
by VulDB Data Team • 10/05/2025
The vulnerability identified as CVE-2023-22950 represents a critical authorization and access control flaw within TigerGraph Enterprise Free Edition version 3.x. This issue specifically affects the gsql_server component which handles data loading operations, creating a significant security risk for organizations utilizing this graph database platform. The flaw stems from insufficient validation of user permissions and file access controls during data loading processes, allowing unauthorized data exposure through maliciously crafted data loading jobs.
The technical nature of this vulnerability resides in the improper handling of file system access within the gsql_server process. When users with designer permissions create data loading jobs, the system fails to properly restrict their ability to access arbitrary file system locations. This design flaw enables attackers to potentially read sensitive files from locations outside the intended data loading scope, effectively bypassing normal file system access controls and permissions. The vulnerability manifests as a path traversal or file inclusion issue where the data loading mechanism does not adequately validate or sanitize file paths, allowing for arbitrary file access patterns.
Operationally, this vulnerability poses severe risks to organizations deploying TigerGraph Enterprise Free Edition 3.x in production environments. Attackers could exploit this weakness to access confidential data, system configuration files, or other sensitive information stored on the server filesystem. The impact extends beyond simple data theft as it could enable further exploitation techniques including privilege escalation, lateral movement within the network, or the extraction of credentials and encryption keys stored in configuration files. Security monitoring systems may not detect these activities as they appear to be legitimate data loading operations, making the threat particularly stealthy and dangerous.
Organizations should immediately implement mitigations including upgrading to patched versions of TigerGraph Enterprise, restricting designer permissions to only trusted users, and implementing additional network segmentation controls around the gsql_server component.

The vulnerability aligns with CWE-22 Path Traversal and CWE-73 Improper Neutralization of Special Elements in Output Used by a Downstream Component, representing a combination of path traversal and input validation weaknesses. From an attack perspective, this vulnerability maps to multiple ATT&CK techniques including T1078 Valid Accounts for initial access and T1566 Phishing for initial compromise, with potential progression to T1005 Data from Local System and T1021 Remote Services for lateral movement.

The recommended remediation strategy includes comprehensive access control reviews, implementation of file system monitoring, and regular security assessments of database components to prevent similar authorization bypass vulnerabilities in the future.
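As an added example (not TigerGraph's or VulDB's code), one way to support the access control review recommended above is to extract the source paths declared in loading-job text and flag any that are not provably inside an approved import directory. The `DEFINE FILENAME` statement form, the optional machine prefix, the `/data/import` root and the sample job are assumptions constructed for illustration.

```python
import posixpath
import re

# Assumption: sources are declared as  DEFINE FILENAME <var> [= "<path>"];
DEFINE_RE = re.compile(
    r'DEFINE\s+FILENAME\s+(\w+)\s*(?:=\s*"([^"]*)")?\s*;', re.IGNORECASE)
# Assumption: a path may carry a machine prefix such as m1: or ALL:
MACHINE_PREFIX_RE = re.compile(r'^[A-Za-z0-9|,]+:(?=/)')


def normalise(declared):
    """Drop the machine prefix and collapse '.' and '..' lexically.
    Symlinks are not resolved: the audit reads job text, not the server."""
    return posixpath.normpath(MACHINE_PREFIX_RE.sub("", declared))


def audit_loading_job(gsql_text, allowed_roots):
    """Return (var, declared, normalised) for each source that is not
    provably inside one of allowed_roots."""
    prefixes = [root.rstrip("/") + "/" for root in allowed_roots]
    findings = []
    for var, declared in DEFINE_RE.findall(gsql_text):
        norm = normalise(declared)  # an unbound declaration becomes "."
        inside = posixpath.isabs(norm) and any(
            (norm + "/").startswith(p) for p in prefixes)
        if not inside:
            findings.append((var, declared, norm))
    return findings


# Constructed sample job; graph, vertex and path names are made up.
SAMPLE_JOB = '''
CREATE LOADING JOB load_people FOR GRAPH social {
  DEFINE FILENAME people  = "/data/import/people.csv";
  DEFINE FILENAME nested  = "m1:/data/import/2023/friends.csv";
  DEFINE FILENAME escape  = "/data/import/../../srv/app/settings.conf";
  DEFINE FILENAME sibling = "/data/import_old/people.csv";
  DEFINE FILENAME rel     = "staging/friends.csv";
  DEFINE FILENAME late;
  LOAD people TO VERTEX Person VALUES ($0, $1);
}
'''
ALLOWED_ROOTS = ["/data/import"]

if __name__ == "__main__":
    for var, declared, norm in audit_loading_job(SAMPLE_JOB, ALLOWED_ROOTS):
        print(f"REVIEW {var}: declared={declared!r} resolves to {norm!r}")
```

A declaration without a path is flagged because its source is not visible in the job text and has to be reviewed wherever the job is run.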