Lucene search
K

4 matches found

NVD
NVD
added 2023/08/14 7:15 p.m.13 views

CVE-2023-28481

An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using...

8.8CVSS8.6AI score0.00583EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/14 12:0 a.m.11 views

CVE-2023-28481

An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using...

6.9AI score0.00583EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/14 12:0 a.m.21 views

CVE-2023-28481

An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using...

8.8AI score0.00583EPSS
Exploits1References1
CVE
CVE
added 2023/08/14 12:0 a.m.51 views

CVE-2023-28481

CVE-2023-28481 affects Tigergraph Enterprise 3.7.0. The issue allows unsecured write access to the SSH authorized_keys file, enabling any code running as the tigergraph user to append their SSH public key. This can lead to password‑less SSH access using the attacker’s key. Publicly cited sources ...

8.8CVSS8.5AI score0.00583EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder