CVE-2026-42072

Arch · Nornicdb

Nornicdb fails to bind the Bolt server to the configured host, defaulting to all interfaces and exposing the database with default credentials to the network.

Executive summary

A configuration binding error in Nornicdb leaves the database exposed on all network interfaces with default credentials, allowing unauthenticated remote access.

Vulnerability

The Bolt server listener ignores the user-configured address and defaults to binding on all interfaces (0.0.0.0). When combined with default admin credentials, this enables unauthenticated remote attackers on the LAN to gain full control over the graph database.

Business impact

Exposure of a database containing sensitive graph and vector data can lead to massive data breaches and total loss of confidentiality. Because the service defaults to weak, well-known credentials, the barrier to entry for an attacker is extremely low. The 9.8 CVSS score reflects the high risk of compromise for any Nornicdb instance exposed on a network.

Remediation

Immediate Action: Upgrade Nornicdb to version 1.0.42-hotfix or later and change the default admin credentials.

Proactive Monitoring: Audit network traffic for unauthorized access attempts to the Nornicdb port and review database access logs for unrecognized activity.

Compensating Controls: Ensure the database is placed behind a firewall that restricts access to the management port from untrusted network segments.
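A defender-side check for the binding error described above, added here as an example that is not part of the advisory or of Nornicdb itself: it parses `ss -ltn`-style listener output (the sample lines are constructed) and flags a Bolt listener bound to a wildcard address instead of the operator-configured host, which is how an administrator would confirm the fix took effect after upgrading. The port 7687 and host 127.0.0.1 are placeholder assumptions, since the advisory does not state them.

```python
"""Verify that the Bolt listener is bound to the configured host, not all interfaces."""
from dataclasses import dataclass

# Placeholders: take these from your own Nornicdb configuration.
CONFIGURED_HOST = "127.0.0.1"
BOLT_PORT = 7687  # assumption; the advisory does not give the port

WILDCARD_ADDRS = {"0.0.0.0", "*", "::", "[::]"}

# Constructed sample of `ss -ltn` output showing the vulnerable condition:
# the Bolt port is bound to 0.0.0.0 although 127.0.0.1 was configured.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      4096   0.0.0.0:7687        0.0.0.0:*
LISTEN 0      4096   127.0.0.1:5432      0.0.0.0:*
LISTEN 0      4096   [::]:22             [::]:*
"""


@dataclass
class Listener:
    addr: str
    port: int


def parse_ss_listeners(output: str) -> list[Listener]:
    """Extract (address, port) pairs from the Local Address:Port column."""
    listeners = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # skip the header and anything that is not a listener
        addr, _, port = fields[3].rpartition(":")  # handles [::]:7687 too
        if port.isdigit():
            listeners.append(Listener(addr, int(port)))
    return listeners


def misbound_addrs(listeners: list[Listener], port: int, host: str) -> list[str]:
    """Addresses on `port` that are wildcards or differ from the configured host."""
    return [l.addr for l in listeners
            if l.port == port and (l.addr in WILDCARD_ADDRS or l.addr != host)]


def bolt_bind_ok(output: str, port: int = BOLT_PORT, host: str = CONFIGURED_HOST) -> bool:
    """True only when every listener on the Bolt port is bound to the configured host."""
    return not misbound_addrs(parse_ss_listeners(output), port, host)


if __name__ == "__main__":
    bad = misbound_addrs(parse_ss_listeners(SAMPLE_SS_OUTPUT), BOLT_PORT, CONFIGURED_HOST)
    print("OK" if not bad else f"Bolt port {BOLT_PORT} exposed on: {', '.join(bad)}")
```

Run against live output with `ss -ltn | python3 check.py` after replacing the sample with `sys.stdin.read()`; a non-empty list means the listener still ignores the configured host.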

Exploitation status

Public Exploit Available: false

Analyst recommendation

The combination of insecure default configurations and network exposure makes this a critical risk. Administrators must update to 1.0.42-hotfix immediately and enforce strong password policies for all administrative accounts to mitigate the risk of unauthorized database access.