6.5
CVSSv2

CVE-2013-4650

Published: 04/07/2013 Updated: 05/07/2013
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 580
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

MongoDB 2.4.x prior to 2.4.5 and 2.5.x prior to 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

mongodb mongodb 2.4.0

mongodb mongodb 2.4.1

mongodb mongodb 2.4.2

mongodb mongodb 2.4.3

mongodb mongodb 2.4.4

mongodb mongodb 2.5.0

Vendor Advisories

Debian Bug report logs - #715007 mongodb: CVE-2013-4650 Package: mongodb; Maintainer for mongodb is Debian MongoDB Maintainers <team+mongodb@trackerdebianorg>; Source for mongodb is src:mongodb (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 5 Jul 2013 12:06:02 UTC Severity: grav ...

Github Repositories

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

A powerful MongoDB auditing and pentesting tool

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/