Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-6494 - Vulnerability Database
MongoDb

MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-6494

Medium
Reference: CVE-2016-6494
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-6494
Title: MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The client in MongoDB uses world-readable permissions on .dbshell history files which might allow local users to obtain sensitive information by reading these files.