MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6494)
Description
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.