Vulnerability Details CVE-2013-4650
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v2 Score 6.5
References
Products affected by CVE-2013-4650
-
cpe:2.3:a:mongodb:mongodb:2.4.0
-
cpe:2.3:a:mongodb:mongodb:2.4.1
-
cpe:2.3:a:mongodb:mongodb:2.4.2
-
cpe:2.3:a:mongodb:mongodb:2.4.3
-
cpe:2.3:a:mongodb:mongodb:2.4.4
-
cpe:2.3:a:mongodb:mongodb:2.5.0