WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)

Description

"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versions prior to 7.3.3

Remediation

References

Related Vulnerabilities

WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)

Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14)

Squid Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-5824)

WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (3.4.4)

WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.5.1)

Severity

Medium

Classification

CVE-2024-6384 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities