mcp-neo4j Unauthorized Access Vulnerability via SSE Service
Vulnerability
A vulnerability in mcp-neo4j version 0.3.0 allows unauthenticated access to the MCP service over the SSE/HTTP transport. The service does not enforce any authentication on this transport, so anyone who can reach the endpoint can connect to it, and through it obtain sensitive information from the backing Neo4j database or execute arbitrary commands on the server.
Impact
Exploitation of this vulnerability allows for unauthorized control over the MCP service, including the potential to execute arbitrary commands or access sensitive information.
Reproduction
To reproduce this vulnerability, deploy mcp-neo4j version 0.3.0 with the SSE/HTTP transport enabled and no authentication mechanism configured. Once the service is running, any MCP client that can reach the endpoint can connect over SSE/HTTP and drive the exposed MCP tools without presenting credentials.
Remediation
Implement strong authentication and authorization in front of the MCP service, so that every SSE/HTTP request is tied to a verified identity. In addition, deploy the service only on an isolated network segment, behind a VPN or on an internal network, and never expose it directly to the public internet. Once an official patch is available, update to the patched version promptly.
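One way to apply both remediation points while waiting for a patch is an authentication gate placed in front of the service. The following is an added example, not code from the advisory or from mcp-neo4j: a pure-stdlib ASGI wrapper that rejects requests to the MCP transport paths unless they come from an allowlisted network and carry a valid bearer token. It assumes the SSE transport lives at /sse and /messages (the MCP Python SDK defaults), and that the MCP app is an ASGI callable.

```python
import hmac
import ipaddress

# Assumption: the MCP SSE transport serves its event stream on /sse and accepts
# client messages on /messages (MCP Python SDK defaults); adjust to your deployment.
PROTECTED_PREFIXES = ("/sse", "/messages")


def authorize(path, headers, client_ip, token, allowed_cidrs):
    """Decide whether a request may reach the MCP service.

    Returns (status, reason): 200 means forward, 401/403 means reject.
    `headers` is a dict keyed by lower-cased header name.
    """
    if not any(path.startswith(p) for p in PROTECTED_PREFIXES):
        return 200, "unprotected path"
    # Network restriction first: only internal ranges may even attempt to authenticate.
    try:
        ip = ipaddress.ip_address(client_ip)
    except ValueError:
        return 403, "unparseable client address"
    if not any(ip in ipaddress.ip_network(c) for c in allowed_cidrs):
        return 403, "client network not allowlisted"
    scheme, _, presented = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not presented:
        return 401, "missing bearer token"
    # Constant-time comparison so a wrong token leaks nothing through timing.
    if not hmac.compare_digest(presented.encode(), token.encode()):
        return 401, "invalid bearer token"
    return 200, "ok"


def require_auth(app, token, allowed_cidrs):
    """Wrap the ASGI app that exposes the MCP SSE endpoints with the gate above."""
    async def gate(scope, receive, send):
        if scope["type"] != "http":
            await app(scope, receive, send)
            return
        headers = {k.decode().lower(): v.decode() for k, v in scope.get("headers", [])}
        # Behind a reverse proxy scope["client"] is the proxy's address; in that
        # case enforce the network allowlist at the proxy instead.
        client_ip = (scope.get("client") or ("", 0))[0]
        status, reason = authorize(scope["path"], headers, client_ip, token, allowed_cidrs)
        if status != 200:
            body = reason.encode()
            await send({"type": "http.response.start", "status": status,
                        "headers": [(b"content-type", b"text/plain"),
                                    (b"content-length", str(len(body)).encode())]})
            await send({"type": "http.response.body", "body": body})
            return
        await app(scope, receive, send)
    return gate
```

Serve `require_auth(mcp_asgi_app, token, ["10.0.0.0/8"])` with your ASGI server instead of the bare app; the token should come from a secret store, not from source.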