Lucene search
K

4 matches found

NVD
NVD
added 2024/04/24 5:15 p.m.24 views

CVE-2024-3371

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0...

7.1CVSS6.8AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/04/24 4:32 p.m.87 views

CVE-2024-3371

CVE-2024-3371 affects MongoDB Compass. Affected versions: 1.35.0–1.42.0. Root cause: insufficient validation of input from untrusted sources, enabling unintended behavior and data disclosure, with potential for attackers to impersonate users and perform MITM-style access to the channel. Public di...

7.1CVSS6.6AI score0.00231EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/24 4:32 p.m.17 views

CVE-2024-3371 Insufficient validation of external input in Compass may enable MITM attacks

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0...

7.1CVSS7AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/24 4:32 p.m.29 views

CVE-2024-3371 Insufficient validation of external input in Compass may enable MITM attacks

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0...

7.1CVSS7AI score0.00231EPSS
Exploits0References1
Rows per page
Query Builder