CVE-2026-42072
critical
CVSS 9.8
Vulnerability in graph (CVE-2026-42072)
Summary
Vulnerability in graph (CVE-2026-42072). Successful exploitation can lead to full system takeover. Exploitable via `NORNICDB_ADDRESS`.
AI summary (openai / gpt-4o)
A critical vulnerability in the NornicDB database server allows attackers on the network to reach the database and log in with the default admin password. Versions below 1.0.42 are affected; the fix is in 1.0.42-hotfix. Update immediately and, as a temporary measure, use host firewall rules to block unauthorized access to the database port.
The root cause is that the --address CLI flag is not propagated to the Bolt server configuration, so the Bolt listener binds to a wildcard address (all interfaces) regardless of the address the operator configured. This affects versions below v1.0.42 and is fixed in v1.0.42-hotfix. A temporary workaround is to block non-localhost access to the Bolt port (typically 7687) with host firewall rules.
❓ What is the problem
The Bolt server binds to a wildcard address by default, ignoring the configured address
📍 Affected scope
NornicDB Bolt server configuration
🔥 Severity
Critical: allows unauthorized network access to the database
🔧 How to fix
Apply the patch that passes the CLI flag through to the Bolt server correctly (v1.0.42-hotfix)
🛡️ Workaround
Block non-local access to the Bolt port (7687) with host firewall rules
🔍 Detection
Monitor the network for unauthorized connections that use the default credentials admin:password
Related past incidents (similar incidents extracted from past CVEs)
Unauthorized access due to a network misconfiguration.
Improper handling of wildcard characters leading to privilege escalation.
Another case of improper server configuration leading to data exposure.
If this happens at your company (expected impact per business scenario)
📌 In an e-commerce setting
Attacker could access customer data and orders, leading to a data breach.
📌 Within a company’s internal systems
Sensitive financial data could be exposed to unauthorized internal users.
📌 In a SaaS multi-tenant architecture
One tenant's data may be improperly accessed by another tenant.
Recommended action
Update software to v1.0.42-hotfix immediately; use firewall rules to block unauthorized access until patching.
Response Actions (7 steps)
Concrete steps and command examples for SOC/SRE teams, to be executed in order
1. Identify exposure (identify)
Audit SBOM/dependencies for affected components. Identify the affected components from your dependency manifests.
2. Match against affected range (verify)
Confirm whether the version satisfies `<1.0.42`. Check whether the version found in Step 1 falls within the affected range `<1.0.42`; if it is running in production, treat it as an incident.
7. Post-deployment verification (verify)
Confirm the patched version is live in production. After patching, reproduce the PoC or an equivalent exploitation pattern in staging to confirm the vulnerability is closed. In production, keep monitoring with the same log query as Step 3 to confirm the alert does not recur.