Impact
The CamelNeo4jMatchProperties map is used by the Neo4j producer to construct a Cypher WHERE clause. While the values are bound as parameters, the property names – the JSON keys of the map – are interpolated directly into the query string without validation. A crafted key that contains Neo4j Cypher syntax can therefore alter the query’s structure, enabling an attacker to execute arbitrary Cypher. The vulnerability is a classic Cypher injection (CWE‑943) that can lead to reading, modification, or deletion of any node or relationship in the database. The impact is significant because the data set effectively becomes accessible and modifiable by anyone who can influence the match properties.
Affected Systems
Apache Camel releases 4.10.0 through 4.14.7, 4.15.0 through 4.18.2, and 4.19.0 through 4.20.9 contain the vulnerable Neo4j component. Users running these versions are at risk if untrusted data is routed into the CamelNeo4jMatchProperties header.
Risk and Exploitability
The known EPSS score is less than 1 %, indicating a low but non‑zero probability of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog. The attack vector requires that a route propagate untrusted input—such as an HTTP request body—to the CamelNeo4jMatchProperties header, and that the resulting header not be filtered. When these conditions are met, an attacker controlling the property names can inject arbitrary Cypher and compromise the Neo4j database.
OpenCVE Enrichment