Description
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
Remediation
References
Related Vulnerabilities
IBMHttpServer Other Vulnerability (CVE-2004-1082)
MediaWiki CVE-2022-34912 Vulnerability (CVE-2022-34912)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0191)
MySQL CVE-2021-35624 Vulnerability (CVE-2021-35624)
WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)