Description
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versions prior to 7.3.3
Remediation
References
Related Vulnerabilities
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6)
OpenSSL Resource Management Errors Vulnerability (CVE-2006-2940)
WordPress Plugin CiviCRM Multiple Cross-Site Scripting Vulnerabilities (5.35.0)
MySQL CVE-2024-20996 Vulnerability (CVE-2024-20996)
Drupal Improper Input Validation Vulnerability (CVE-2022-25271)