Nornicdb
Monthly
NornicDB's Bolt server binds to all network interfaces (0.0.0.0) regardless of the --address CLI flag or server.host configuration, exposing the graph database with default admin:password credentials to any device on the same LAN. The HTTP server correctly honors bind address restrictions, but a configuration plumbing bug prevents the Bolt protocol listener from reading the intended host parameter. Vendor-released patch available in version 1.0.42-hotfix addresses the underlying CWE-1392 (Improper Binding of Resource to Another Sphere) by adding Host field to Bolt configuration and wiring the resolveBindAddress() function to both protocol listeners. GitHub security advisory GHSA-2hp7-65r3-wv54 confirms the vulnerability with reproduction steps showing netstat evidence of wildcard binding despite localhost configuration.
NornicDB's Bolt server binds to all network interfaces (0.0.0.0) regardless of the --address CLI flag or server.host configuration, exposing the graph database with default admin:password credentials to any device on the same LAN. The HTTP server correctly honors bind address restrictions, but a configuration plumbing bug prevents the Bolt protocol listener from reading the intended host parameter. Vendor-released patch available in version 1.0.42-hotfix addresses the underlying CWE-1392 (Improper Binding of Resource to Another Sphere) by adding Host field to Bolt configuration and wiring the resolveBindAddress() function to both protocol listeners. GitHub security advisory GHSA-2hp7-65r3-wv54 confirms the vulnerability with reproduction steps showing netstat evidence of wildcard binding despite localhost configuration.