MongoDB Compass Vulnerability Could Lead to Data Disclosure and User Impersonation
CVE-2024-3371
6.8MEDIUM
What is CVE-2024-3371?
MongoDB Compass has a vulnerability that stems from inadequate validation of input received from untrusted external sources. This flaw can lead to unexpected application behaviors, including the potential for unauthorized data exposure and user impersonation. It is critical for users and administrators of MongoDB Compass, particularly from versions 1.35.0 to 1.42.0, to mitigate this issue promptly to protect sensitive information from being compromised.
Affected Version(s)
MongoDB Compass 1.35.0 <= 1.42.0