2 matches found
MongoDB < 2.4.5 / 2.5.1 Multiple Vulnerabilities
The version of the remote MongoDB server is a version prior to version 2.4.5 / 2.5.1. It is, therefore, potentially affected by the following vulnerabilities : - A remote attacker can gain elevated privileges when authenticating as the internal system user name for arbitrary databases...
CVE-2013-4650
MongoDB versions affected are 2.4.x before 2.4.5 and 2.5.x before 2.5.1. The issue allows remote authenticated users to obtain internal system privileges by using the __system username in an arbitrary database. This is a privilege-escalation vulnerability with impact as described in the sources. ...