MongoDB Compass Vulnerable to Code Injection Due to Sandbox Protection Settings
CVE-2024-6376
Summary
A critical security vulnerability has been discovered in MongoDB Compass, identified as CVE-2024-6376, potentially exposing systems to code injection attacks. This flaw affects versions of MongoDB Compass prior to 1.42.2 and has been assigned a CVSS score of 9.8, indicating a high severity level. The vulnerability may allow attackers to execute arbitrary code, alter control flow, and gain unauthorized control of system resources. To mitigate the risk, users and administrators are strongly advised to update MongoDB Compass to version 1.42.2 or newer immediately. It is important for organizations to prioritize this update as part of their security maintenance procedures to prevent potential attacks.
Affected Version(s)
MongoDB Compass: versions before 1.42.2
News Articles
Critical MongoDB Compass Code Injection Flaw Exposes Systems to Hacking
A critical security vulnerability in MongoDB Compass, identified as CVE-2024-6376, has been discovered, potentially exposing systems to code injection attacks.
6 months ago
Critical Vulnerability in MongoDB Compass: Systems at Risk of Code Injection
Critical vulnerability in MongoDB Compass: CVE-2024-6376 exposes systems to serious code injection risks.
6 months ago
Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks
Critical vulnerability discovered in MongoDB Compass: CVE-2024-6376 exposes systems to severe code injection risks.
6 months ago
Timeline
First article discovered by ÇözümPark
Vulnerability published
Vulnerability Reserved