CVE-2025-11602 (GCVE-0-2025-11602)
Vulnerability from cvelistv5 – Published: 2025-10-31 10:20 – Updated: 2025-10-31 11:37
VLAI?
Summary
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses.
Severity ?
CWE
- CWE-226 - Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| neo4j | Enterprise Edition |
Affected:
5.26.0 , < 5.26.15
(semver)
Affected: 2025.1.0 , < 2025.10.1 (semver) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T11:36:06.456339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T11:37:44.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Enterprise Edition",
"vendor": "neo4j",
"versions": [
{
"lessThan": "5.26.15",
"status": "affected",
"version": "5.26.0",
"versionType": "semver"
},
{
"lessThan": "2025.10.1",
"status": "affected",
"version": "2025.1.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://mvnrepository.com/artifact/org.neo4j/",
"defaultStatus": "unaffected",
"packageName": "neo4j",
"product": "Community Edition",
"repo": "https://github.com/neo4j/neo4j",
"vendor": "neo4j",
"versions": [
{
"lessThan": "5.26.15",
"status": "affected",
"version": "5.26.0",
"versionType": "semver"
},
{
"lessThan": "2025.10.1",
"status": "affected",
"version": "2025.1.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:neo4j:enterprise_edition:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.26.15",
"versionStartIncluding": "5.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neo4j:enterprise_edition:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2025.10.1",
"versionStartIncluding": "2025.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:neo4j:community_edition:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.26.15",
"versionStartIncluding": "5.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neo4j:community_edition:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2025.10.1",
"versionStartIncluding": "2025.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses."
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "CLEAR",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/V:D/U:Clear",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-226",
"description": "CWE-226: Sensitive Information in Resource Not Removed Before Reuse",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T10:20:17.254Z",
"orgId": "3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6",
"shortName": "Neo4j"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://neo4j.com/security/cve-2025-11602"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Untargeted information leak in Bolt protocol handshake",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6",
"assignerShortName": "Neo4j",
"cveId": "CVE-2025-11602",
"datePublished": "2025-10-31T10:20:17.254Z",
"dateReserved": "2025-10-10T12:54:22.071Z",
"dateUpdated": "2025-10-31T11:37:44.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-11602\",\"sourceIdentifier\":\"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\",\"published\":\"2025-10-31T11:15:33.513\",\"lastModified\":\"2025-11-04T15:41:31.450\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:X/U:Clear\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"CLEAR\"}}]},\"weaknesses\":[{\"source\":\"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-226\"}]}],\"references\":[{\"url\":\"https://neo4j.com/security/cve-2025-11602\",\"source\":\"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-11602\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-31T11:36:06.456339Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-31T11:36:18.345Z\"}}], \"cna\": {\"title\": \"Untargeted information leak in Bolt protocol handshake\", \"source\": {\"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-410\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-410 Information Elicitation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/V:D/U:Clear\", \"providerUrgency\": \"CLEAR\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"neo4j\", \"product\": \"Enterprise Edition\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.26.0\", \"lessThan\": \"5.26.15\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2025.1.0\", \"lessThan\": \"2025.10.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://github.com/neo4j/neo4j\", \"vendor\": \"neo4j\", \"product\": \"Community Edition\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.26.0\", \"lessThan\": \"5.26.15\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2025.1.0\", \"lessThan\": \"2025.10.1\", \"versionType\": \"semver\"}], \"packageName\": \"neo4j\", \"collectionURL\": \"https://mvnrepository.com/artifact/org.neo4j/\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://neo4j.com/security/cve-2025-11602\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.4.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-226\", \"description\": \"CWE-226: Sensitive Information in Resource Not Removed Before Reuse\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:neo4j:enterprise_edition:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.26.15\", \"versionStartIncluding\": \"5.26.0\"}, {\"criteria\": \"cpe:2.3:a:neo4j:enterprise_edition:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2025.10.1\", \"versionStartIncluding\": \"2025.1.0\"}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:neo4j:community_edition:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.26.15\", \"versionStartIncluding\": \"5.26.0\"}, {\"criteria\": \"cpe:2.3:a:neo4j:community_edition:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2025.10.1\", \"versionStartIncluding\": \"2025.1.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\", \"shortName\": \"Neo4j\", \"dateUpdated\": \"2025-10-31T10:20:17.254Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-11602\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-31T11:37:44.777Z\", \"dateReserved\": \"2025-10-10T12:54:22.071Z\", \"assignerOrgId\": \"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6\", \"datePublished\": \"2025-10-31T10:20:17.254Z\", \"assignerShortName\": \"Neo4j\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…