← Back to CVE List

CVE-2023-28480

Published: 2023-08-14T19:15Z
Last Modified: 2024-11-21T07:55Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus effectively bypassing the built in RBAC controls. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt