Description
In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.
Published: 2020-05-13
Score: 5.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2019-12030 In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.
History

Mon, 23 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Description In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5. In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.

Subscriptions

Mongodb Ops Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: mongodb

Published:

Updated: 2024-08-04T18:49:46.370Z

Reserved: 2018-12-10T00:00:00.000Z

Link: CVE-2019-2388

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-05-13T17:15:11.717

Modified: 2026-02-23T16:20:41.743

Link: CVE-2019-2388

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses