CVE-2024-34517 @ Maven-org.neo4j:neo4j-cypher-1.8.1

**Checkmarx \(SCA\):** Vulnerable Package
**Vulnerability:** [Read More ](https://devhub.checkmarx.com/cve-details/CVE-2024-34517) about CVE-2024-34517
**Checkmarx Project:** [AsafOrgTesting/Sast\-Sca\-Test\-Repo](https://ast-master-components.dev.cxast.net/projects/237241c8-680c-410c-b221-6975903ae1a1/overview?branch=master)
**Repository URL:** [https://github.com/AsafOrgTesting/Sast\-Sca\-Test\-Repo](https://github.com/AsafOrgTesting/Sast-Sca-Test-Repo)
**Branch:** master
**Scan ID:** [381445f1\-c79b\-4b6f\-9733\-56cc146401f9](https://ast-master-components.dev.cxast.net/projects/237241c8-680c-410c-b221-6975903ae1a1/scans?id=381445f1-c79b-4b6f-9733-56cc146401f9&branch=master)


----
The "Cypher" component in Neo4j versions prior to 5.19.0 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access.





----
**Additional Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** HIGH
**Availability impact:** NONE
**Remediation Upgrade Recommendation:** 4.4.35


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2024-34517 @ Maven-org.neo4j:neo4j-cypher-1.8.1 #16000

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2024-34517 @ Maven-org.neo4j:neo4j-cypher-1.8.1 #16000

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions