6 matches found
Metasploit Weekly Wrap-Up 04/19/24
Welcome Ryan and the new CrushFTP module It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the Emergent Threat Response team, which works...
CVE-2023-0342
creationtimestamp| type| source ---|---|--- 2024-04-12 13:48:42+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/mongodbopsmanagerdiagnosticarchiveinfo.rb 2024-04-13 12:45:41+00:00| seen| https://t.me/arpsyndicate/4652 2025-02-06 03:13:45+00:00| see...
CVE-2023-0342
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12...
CVE-2023-0342 MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12...
CVE-2023-0342 MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12...
CVE-2023-0342
CVE-2023-0342 affects MongoDB Ops Manager: Diagnostics Archive may reveal the SAML SSL Pem Key File Password in app settings. Vulnerable on Ops Manager v5.0 before 5.0.21 and v6.0 before 6.0.12; archives do not include PEM files themselves. A Metasploit auxiliary module exists to retrieve the unr...