Описание
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0 (включая) до 3.7.0 (включая)Версия от 3.0 (включая) до 3.7.0 (включая)
Одно из
cpe:2.3:a:tigergraph:tigergraph:*:*:*:*:cloud:*:*:*
cpe:2.3:a:tigergraph:tigergraph:*:*:*:*:enterprise_free:*:*:*
EPSS
Процентиль: 39%
0.00176
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-669
CWE-669
Связанные уязвимости
CVSS3: 6.5
github
больше 2 лет назад
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.
EPSS
Процентиль: 39%
0.00176
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-669
CWE-669