Platform: other
Component: neo4j-enterprise-edition
Fixed in: 5.26.22, 2026.02
CVE-2026-1524 describes an authorization bypass vulnerability affecting Neo4j Enterprise Edition versions before 2026.02. This flaw arises from a specific edge case in the Single Sign-On (SSO) implementation where misconfigured OIDC providers can grant unauthorized access. Exploitation requires a complex setup involving multiple OIDC providers, some configured for authentication only, potentially leading to privilege escalation.
The vulnerability stems from a misconfiguration scenario within Neo4j's SSO functionality. If an administrator configures multiple OIDC providers, designates some as authorization providers, and others as authentication-only, the authentication-only providers can inadvertently grant authorization privileges. This occurs when these authentication-only providers contain groups with elevated privileges exceeding those intended by the administrator's authorization configuration. An attacker could exploit this by leveraging a compromised or malicious authentication-only provider to gain administrative access to the Neo4j instance, potentially leading to data breaches, system compromise, and denial of service. The blast radius extends to any sensitive data stored and managed within the Neo4j graph database.
CVE-2026-1524 was publicly disclosed on 2026-03-11. There is no indication of active exploitation or KEV listing at the time of writing. Public proof-of-concept code is currently unavailable. The vulnerability requires a specific and complex configuration, which may limit its immediate exploitability, but the potential impact warrants prompt remediation.
Organizations utilizing Neo4j Enterprise Edition with SSO enabled and multiple OIDC providers configured are at risk. Specifically, deployments with authentication-only OIDC providers containing groups with elevated privileges are particularly vulnerable. Legacy configurations and environments with limited security oversight are also at increased risk.
disclosure
Exploit status
EPSS
0.05% (percentile 17%)
CISA SSVC
The primary mitigation for CVE-2026-1524 is to upgrade Neo4j Enterprise Edition to version 2026.02 or later, which contains the fix. If an immediate upgrade is not feasible, carefully review and correct the OIDC provider configuration. Ensure that only intended authorization providers are configured for authorization, and that authentication-only providers do not inadvertently grant elevated privileges. Implement strict access controls and regularly audit SSO configurations to prevent future misconfigurations. Consider implementing a Web Application Firewall (WAF) with rules to detect and block requests attempting to exploit this bypass, although this is not a substitute for patching.
Update Neo4j Enterprise Edition to version 5.26.22 or later, or to version 2026.02 or later. This fixes the authentication misconfiguration that arises when multiple providers are enabled, preventing the unauthorized access.
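The advisory's interim mitigation is a configuration review: any OIDC provider listed for authentication but not for authorization should not be carrying a group-to-role mapping that reaches privileged roles. The following is an added audit script written for this page; it is not code from the advisory or from Neo4j. It assumes the Neo4j 5.x setting names `dbms.security.authentication_providers`, `dbms.security.authorization_providers` and `dbms.security.oidc.<name>.authorization.group_to_role_mapping`, treats the built-in `admin` and `architect` roles as privileged, and uses a constructed `neo4j.conf` fragment as input. Whether a stray mapping on an authentication-only provider is the exact shape the vulnerable code path consumes is an assumption of this check, not a statement from the advisory; the script flags the configuration as something to review and shows the hardened form.

```python
import re
from typing import Dict, List

# Constructed sample neo4j.conf fragment (not taken from the advisory).
# "partner" is listed for authentication only, yet still maps a group to admin.
SAMPLE_CONF = """
# SSO providers
dbms.security.authentication_providers=oidc-corp,oidc-partner,native
dbms.security.authorization_providers=oidc-corp,native
dbms.security.oidc.corp.authorization.group_to_role_mapping="db-admins"=admin;"analysts"=reader
dbms.security.oidc.partner.authorization.group_to_role_mapping="partner-ops"=admin;"partner-users"=reader
"""

# Assumption: built-in roles that should never be reachable through an
# authentication-only provider.
PRIVILEGED_ROLES = {"admin", "architect"}

# Neo4j mapping syntax: "group"=role;"group"=role
MAPPING_RE = re.compile(r'"([^"]+)"\s*=\s*([A-Za-z0-9_]+)')


def parse_conf(text: str) -> Dict[str, str]:
    """Parse key=value lines, ignoring blanks and comments; the first '=' splits key and value."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def oidc_provider_names(value: str) -> set:
    """Return the <name> part of each 'oidc-<name>' entry in a comma-separated provider list."""
    return {p.strip()[len("oidc-"):] for p in value.split(",") if p.strip().startswith("oidc-")}


def mapping_key(name: str) -> str:
    return f"dbms.security.oidc.{name}.authorization.group_to_role_mapping"


def audit(settings: Dict[str, str]) -> List[dict]:
    """Flag authentication-only OIDC providers whose group mapping grants a privileged role."""
    authn = oidc_provider_names(settings.get("dbms.security.authentication_providers", ""))
    authz = oidc_provider_names(settings.get("dbms.security.authorization_providers", ""))
    findings = []
    for name in sorted(authn - authz):  # authentication-only providers
        key = mapping_key(name)
        if key not in settings:
            continue
        groups = {g: r for g, r in MAPPING_RE.findall(settings[key])}
        privileged = sorted(g for g, r in groups.items() if r in PRIVILEGED_ROLES)
        if privileged:
            findings.append({"provider": name, "setting": key, "privileged_groups": privileged})
    return findings


def hardened(settings: Dict[str, str]) -> Dict[str, str]:
    """Return a copy with group-to-role mappings removed from authentication-only providers."""
    authn = oidc_provider_names(settings.get("dbms.security.authentication_providers", ""))
    authz = oidc_provider_names(settings.get("dbms.security.authorization_providers", ""))
    return {k: v for k, v in settings.items()
            if not any(k == mapping_key(n) for n in authn - authz)}


if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    for f in audit(conf):
        print(f"REVIEW: provider '{f['provider']}' is authentication-only but {f['setting']} "
              f"maps {f['privileged_groups']} to a privileged role")
    print("hardened settings:")
    for k, v in hardened(conf).items():
        print(f"  {k}={v}")
```

Run it against a real `neo4j.conf` by replacing `SAMPLE_CONF` with the file contents; an empty finding list means no authentication-only provider carries a privileged mapping. Removing the mapping is one remedy; the other, if the provider is meant to drive authorization, is to list it under `dbms.security.authorization_providers` deliberately so the grant is explicit rather than incidental.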
CVE-2026-1524 is a vulnerability in Neo4j Enterprise Edition versions prior to 2026.02 where misconfigured OIDC providers can lead to unauthorized access due to an edge case in the SSO implementation.
You are affected if you are running Neo4j Enterprise Edition versions before 2026.02 and have configured multiple OIDC providers, some for authentication only, with groups having elevated privileges.
Upgrade to Neo4j Enterprise Edition version 2026.02 or later. If immediate upgrade is not possible, review and correct your OIDC provider configurations to ensure proper authorization.
There is currently no public information indicating active exploitation of CVE-2026-1524.
Refer to the official Neo4j security advisory for CVE-2026-1524 on the Neo4j website (https://neo4j.com/security/).