CVE-2016-6494

Опубликовано: 03 окт. 2016

Источник: debian

EPSS Низкий

Описание

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mongodb	fixed	1:2.6.12-3		package
mongodb	fixed	1:2.4.10-5+deb8u1	jessie	package

Примечания

https://www.openwall.com/lists/oss-security/2016/07/29/4

EPSS

Процентиль: 22%

0.00073

Низкий

Связанные уязвимости

CVE-2016-6494

CVSS3: 5.5

ubuntu

больше 9 лет назад

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

CVE-2016-6494

CVSS3: 4

redhat

больше 9 лет назад

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

CVE-2016-6494

CVSS3: 5.5

nvd

больше 9 лет назад

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

GHSA-j4pw-hgvj-fq4w

CVSS3: 5.5

github

больше 3 лет назад

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

EPSS

Процентиль: 22%

0.00073

Низкий