CVE-2023-28480 in Tigergraphinformazioni

Riassunto

di MITRE • 14/08/2023

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus effectively bypassing the built in RBAC controls.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

16/03/2023

Divulgazione

14/08/2023

Moderazione

accettato

CPE

pronto

EPSS

0.00534

KEV

no

Attività

molto basso

Fonti

Do you need the next level of professionalism?

Upgrade your account now!