Description

Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains.

Remediation

References

https://www.exploit-db.com/exploits/50170

Related Vulnerabilities

CVE-2019-10806 Vulnerability in maven package org.webjars.npm:vega-util

CVE-2020-7679 Vulnerability in maven package org.webjars.bower:casperjs

CVE-2020-7628 Vulnerability in npm package umount

CVE-2020-28487 Vulnerability in maven package org.webjars.bowergithub.visjs:vis-timeline

CVE-2018-16492 Vulnerability in npm package extend

Severity

Critical

Classification

CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry