How severe is CVE-2023-22948?

CVE-2023-22948 has a CVSS v3 score of 4.9 (MEDIUM).

CVE-2023-22948

Name: tigergraph
Author: tigergraph

4.9MEDIUM

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key.

公開日: 4/13/2023更新日: 2/7/2025

説明

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph cluster.

AI分析AIによる分析

影響を受ける製品

tigergraphtigergraph

参照

https://dev.tigergraph.com/forum/c/tg-community/announcements/35
Vendor Advisory
https://neo4j.com/security/cve-2023-22948/
ExploitThird Party Advisory
https://dev.tigergraph.com/forum/c/tg-community/announcements/35
Vendor Advisory
https://neo4j.com/security/cve-2023-22948/
ExploitThird Party Advisory