Arbitrary Code Execution and Binary Modification Vulnerability in TigerGraph Enterprise 3.7.0

Arbitrary Code Execution and Binary Modification Vulnerability in TigerGraph Enterprise 3.7.0

CVE-2023-28479 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries.

Learn more about our Web Application Penetration Testing UK.