"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versions prior to 7.3.3
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.mongodb.org/browse/SERVER-93516 |
History
Fri, 16 Aug 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:mongodb:mongodb:*:*:*:*:enterprise:*:*:* |
Tue, 13 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 13 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | "Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versions prior to 7.3.3 | |
Title | Backup files may be downloaded by underprivileged users in MongoDB Enterprise Server | |
First Time appeared |
Mongodb
Mongodb mongodb |
|
Weaknesses | CWE-285 | |
CPEs | cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.3.1:*:*:*:enterprise:*:*:* cpe:2.3:a:mongodb:mongodb:7.3.2:*:*:*:enterprise:*:*:* |
|
Vendors & Products |
Mongodb
Mongodb mongodb |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mongodb
Published: 2024-08-13T14:22:22.847Z
Updated: 2024-11-15T13:08:20.203Z
Reserved: 2024-06-27T08:53:38.261Z
Link: CVE-2024-6384
Vulnrichment
Updated: 2024-11-15T13:08:20.203Z
NVD
Status : Analyzed
Published: 2024-08-13T15:15:18.567
Modified: 2024-08-16T14:29:24.947
Link: CVE-2024-6384
Redhat
No data.