CVE-2023-28479

Name of the Vulnerable Software and Affected Versions Tigergraph Enterprise version 3.7.0

Description An issue was discovered in the TigerGraph platform, which installs a full development toolchain within every TigerGraph deployment. This allows an attacker to compile new executables on each TigerGraph system and modify system and TigerGraph binaries.

Recommendations For Tigergraph Enterprise version 3.7.0, consider restricting access to the development toolchain to prevent attackers from compiling new executables and modifying system and TigerGraph binaries. At the moment, there is no information about a newer version that contains a fix for this issue.